Course Duration:

5 Days

Prerequisites

SASAC – Implementing Core Cisco ASA Security v1.0

Course Content

Implementing Advanced Cisco ASA Security (SASAA) v2.1 is an instructor-led course that provides an updated training with labs. The Labs focus on the key features of the Cisco ASA (covering up to the ASA 9.5.1 release). The goal of the course is to be able to implement the key features of the Cisco ASA, including Cisco ASA Firepower Services (including Firepower v6.0), ASA Cloud Web Security, ASA Identity Firewall, ASA Clustering and the Virtual ASA (ASAv). Upon completing this course, students will be able to understand:

  • Describe the Cisco ASA 5500-X Series Next Generation Firewalls, ASAv virtual security appliance, ASA 5506-X, 5508-X, 5516-X, and ASASM, and implement ASA 9.5.1 features
  • Implement Cisco ASA Identity Firewall policies
  • Install and set up the Cisco FirePOWER Services Module (SFR)
  • Implement Cisco ASA Cloud Web Security
  • Implement Cisco ASA Clustering
  • Describe Cisco ASA Security Group Firewall and Change of Authorization Support

Course Outline

1. Cisco ASA Product Family

  • ASA 5500-X Next-Generation Firewalls
  • Cisco ASAv
  • Implementing ASA 9.3 and 9.4.1 New Features
  • Cisco ASA SM

2. Cisco ASA Identity Firewall

  • The Cisco IDFW Solution
  • Setting Up Cisco CDA
  • Configuring Cisco CDA
  • Configuring Cisco ASA IDFW
  • Troubleshooting Cisco ASA IDFW

3. Cisco ASA FirePOWER (SFR) Module

  • Installing Cisco ASA FirePOWER Services Module
  • Managing Cisco ASA FirePOWER Services Module Using Cisco FireSIGHT Management Center
  • The Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
  • Configuring ASA Firepower Services v6.0 New Features

4. Cisco ASA Cloud Web Security Integration

  • Cisco ASA with Cisco Cloud Web Security
  • Configuring Cisco ASA with Cisco Cloud Web Security
  • Cisco ASA with Cisco Cloud Web Security
  • The Web Filtering Policy in Cisco ScanCenter
  • Cisco Cloud Web Security Advanced Malware Protection and Threat Analytics

5. Cisco ASA Cluster

  • Cisco ASA Cluster Features
  • Cisco ASA Cluster Terminology and Data Flows
  • CLI to Configure a Cisco ASA Cluster
  • ASDM to Configure a Cisco ASA Cluster
  • Cisco ASA Cluster Operations
  • Troubleshooting a Cisco ASA Cluster Operations
  • Cisco ASA v9.1.4 and later Clustering Features

6. Cisco ASA Security Group Firewall

  • Introducing Cisco Security Group Tagging
  • Configuring ASA Security Group Firewall
  • ASA 9.2.1 and Later Releases SGT Features
  • ASA 9.2.1 and Later Releases Change of Authorization Support

Labs

  • Lab 1: Set Up and Test the ASAv
  • Lab 2: Implement New Features in ASA 9.3 and 9.4
  • Lab 3: Configure the Cisco CDA
  • Lab 4: Configure ASA IDFW
  • Lab 5: Install and Configure ASA SFR
  • Lab 6: Configure and Test Firepower Management Center
  • Lab 7: Configure ASA CWS
  • Lab 8: Configuring Security Group Access
  • Lab 9: Implement Cisco ASA Clustering

Who Should Attend

IT Professionals and Security Engineers responsible for deployment, administration, and support of Cisco Adaptive Security Appliances