Ascolta

Firewall Intrusion Prevention Systems (FIPS) is a 5 day, instructor-led course that combines the Securing Networks with PIX and ASA (SNPA) and Implementing Cisco Intrusion Prevention Systems (IPS) course. This course provides the knowledge and skills needed to implement and configure a security solution based on the Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco IPS Sensor.

Because of the accelerated nature of the course, be prepared for longer days in class and a heavy study load. Also, not all material in the student manuals for each course will be reviewed in class. Students will have an opportunities to ask questions on the material covered in the course kits that is not presented in class.

Duration

Prerequisites

To fully benefit from this course, it is recommended that you have the following prerequisite skills and knowledge:

• Cisco CCNA certification or the equivalent knowledge
• Basic knowledge of the Windows operating system
• Familiarity with networking and security terms and concepts

Associated Certifications

• Cisco Certified Security Professional (CCSP)

Who Should Attend

This course is intended for the following audience:

• Channel Partner / Reseller
• Customer
• Employee

Course Objectives

After completing this course, the student will be able to:

• Describe the general functionality of firewalls and security appliances
• Choose the most appropriate security appliance and licensing for a given scenario
• Configure the security appliance for basic network connectivity
• Perform address translation on a security appliance
• Configure security appliance access control
• Describe and configure the object grouping feature of Cisco security appliances
• Define, configure, and monitor AAA in Cisco security appliances
• Describe and configure the switching and routing functionality that your security appliance provides
• Describe and configure a security appliance modular policy
• Describe and configure security appliance advanced protocol handling
• Configure Cisco security appliances for VPN connectivity
• Configure security appliances for secure remote access
• Configure the Cisco security appliances to support the WebVPN feature set
• Configure Cisco security appliances to run in transparent firewall mode
• Configure the security appliance to support multiple contexts
• Implement and configure failover in a network
• Configure and monitor security appliances with ASDM
• Initialize a Cisco ASA AIP SSM and CSC SSM
• Secure and upgrade system access to the security appliance and recover from problems
• Explain how Cisco IPS protects network devices from attacks
• Install and configure the basic settings on a Cisco IPS 4200 Series Sensor
• Use the Cisco IDM to configure built-in signatures to meet the requirements of a given security policy
• Configure some of the more advanced features of the Cisco IPS product line
• Initialize and install into your environment the rest of the Cisco IPS family of products
• Use the CLI and Cisco IDM to obtain system information, and configure the Cisco IPS sensor to allow an SNMP NMS to monitor the Cisco IPS sensor

Course Outlines

SNPA

1. Introducing Cisco Security Appliance Technology and Features
2. Introducing Cisco ASA and PIX Security Appliance Families
3. Getting Started with Cisco Security Appliances
4. Configuring Translations and Connection Limits
5. Using ACLs and Content Filtering
6. Configuring Object Grouping
7. Configuring AAA
8. Switching and Routing on Cisco Security Appliances
9. Configuring the Cisco Modular Policy Framework
10. Configuring Advanced Protocol Handling
11. Configuring VPNs
12. Configuring Security Appliance Remote Access Using Cisco Easy VPN
13. Configuring Cisco Security Appliances for WebVPN
14. Configuring Transparent Firewall Mode
15. Configuring Security Contexts
16. Configuring Failover
17. Using Cisco ASDM
18. Introducing Cisco ASA SSMs
19. Managing Security Appliances

IPS

1. Intrusion Prevention Overview
2. Installation of a Cisco IPS 4200 Series Sensor
3. Cisco IPS Signatures
4. Advanced Cisco IPS Configuration
5. Additional Cisco IPS Devices
6. Cisco IPS Sensor Maintenance

Hands-on Lab Exercises

SNPA

• Lab 3-1: Configure the Security Appliance and Execute General Maintenance Commands
• Lab 4-1: Configure Access Through the Security Appliance
• Lab 5-1: Configure ACLs on the Security Appliance
• Lab 6-1: Configure Object Groups
• Lab 7-1: Configure AAA on the Security Appliance Using Cisco Secure ACS for Windows 2000
• Lab 10-1: Configure Advanced Protocol Inspection on the Security Appliance
• Lab 11-1: Configure Security Appliance Site-to-Site VPN
• Lab 12-1: Configure a Secure VPN Using IPsec between a Security Appliance and a Cisco VPN Client
• Lab 13-1: Configure the Security Appliance for WebVPN
• Lab 14-1: Configure Security Appliance Transparent Firewall
• Lab 16-1: Configure LAN-Based Active/Standby Failover
• Lab 16-2: Configure LAN-Based Active/Active Failover
• Lab 17-1: Configure the Security Appliance with ASDM
• Lab 18-1: Initialize the Cisco ASA AIP SSM
• Lab 19-1: Manage the Security Appliance

IPS

• Lab 2-1: Install and Configure a Cisco IPS Sensor from the CLI
• Lab 2-2: Use the Cisco IDM to Perform a Basic Sensor Configuration
• Lab 3-1: Working with Signatures and Alerts
• Lab 3-2: Customizing Signatures
• Lab 4-1: Tune a Cisco IPS Sensor Using the Cisco IDM
• Lab 4-2: Monitor and Manage Alarms
• Lab 4-3: Configure a Virtual Sensor (Optional)
• Lab 4-4: Configure Anomaly Detection and POSFP
• Lab 6-1: Maintain Sensors and Verify System Configuration

Call for details. 949-477-2000 option 1