Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop)

Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop)

Released May 2015
Publisher(s): Cisco Press
ISBN: 0134190963

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

More than 6 hours of video instruction

More than 6 hours of video training on Cisco ASA 5500-X Series Next-Generation Firewalls. The workshop covers everything from initial design to advanced configuration and troubleshooting.

Description

Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is an engaging and unique video course taught in front of a live audience. Omar Santos, senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT) and co-author of Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, teaches you the skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls and FirePOWER services with Advanced Malware Protection (AMP).

This workshop, taught in front of a live audience, introduces Cisco ASA solutions to overcoming obstacles by providing complete configuration and troubleshooting guidance. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is the definitive insider's guide to planning, installing, configuring, and maintaining the new Cisco ASA firewall features. 

Major topics include

Lesson 1: Introduction to the Cisco ASA
Lesson 2: Firewall Modes
Lesson 3: Multiple Context Mode
Lesson 4: Basic Settings
Lesson 5: Network Address Translation (NAT) 
Lesson 6: Controlling Access 
Lesson 7: IP Routing 
Lesson 8: Authentication, Authorization, Accounting (AAA) Support
Lesson 9: Cisco ASAv 
Lesson 10: High Availability
Lesson 11: Application Layer Protocol Inspection
Lesson 12: Logging 
Lesson 13: NetFlow Support
Lesson 14: Cisco ASA with FirePOWER Services
Lesson 15: Threat Detection
Question and Answer Session 

About the Instructor

Omar Santos is a senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has more than 19 years of experience (15 at Cisco) working with information technology and cybersecurity. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. 

Omar is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of critical infrastructure.

Omar is the author of four books, numerous whitepapers, articles, and security configuration guidelines and best practices. Omar has also delivered numerous technical presentations at conferences and to Cisco customers and partners, as well as many C-level executive presentations to many organizations. 

Author of numerous Cisco Press books, including

  • ¬†Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, Third Edition
  • ¬†Network Security with NetFlow and IPFIX: Big Data Analytics for Information Security¬†(to be published in 2015)
  • Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting
  • End-to-End Network Security: Defense-in-Depth
Skill Level

Beginning to Intermediate: This video title encompasses topics from an introductory level to advanced topics on security and next-generation firewall capabilities.

What You Will Learn

The skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls.

Who Should Take This Course

Security professions; network professionals who manage network security and install and configure Cisco ASA firewalls. 

Course Requirements

Students must be familiar with general networking and security topics, including
  • Firewalls
  • Intrusion detection and intrusion prevention systems
  • LAN switching technologies
  • IP addressing (IPv4 and IPv6)
  • IP routing technologies (RIP, OSPF, EIGRP, BGP, and so on)
  • IP services (DHCP, NAT, ACLs, and so on)
  • Basic troubleshooting¬†

The LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. 


View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of contents

  1. Introduction
    1. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Introduction
  2. Lesson 1: Introduction to the Cisco ASA
    1. 1.1 Cisco ASA Product and Solution Overview
    2. 1.2 Model Comparison
    3. 1.3 Introduction to Feature Licenses
    4. 1.4 Shared and Backup License Server
    5. 1.5 Accessing the Console for Command-Line Interface
    6. 1.6 Accessing the ASA Services Module Console
    7. 1.7 Accessing the ASAv Console
    8. 1.8 Configuring ASDM Access for Appliances and the ASAv
    9. 1.9 Configuring ASDM Access for the ASA Services Module
  3. Lesson 2: Firewall Modes
    1. 2.1 Introducing the Routed Firewall Mode
    2. 2.2 How Data Moves Through the ASA in Routed Firewall Mode
    3. 2.3 How Data Moves Through the ASA in Transparent Firewall Mode
    4. 2.4 Guidelines and Limitations
    5. 2.5 Configuring the Firewall Mode
    6. 2.6 Configuring ARP Inspection for the Transparent Firewall
  4. Lesson 3: Multiple Context Mode
    1. 3.1 Introduction to Security Contexts
    2. 3.2 Common Uses for Security Contexts
    3. 3.3 How the ASA Classifies Packets
    4. 3.4 Cascading Security Contexts
    5. 3.5 Management Access to Security Contexts
    6. 3.6 Information About Resource Management
    7. 3.7 Information About MAC Addresses
    8. 3.8 Licensing Requirements for Multiple Context Mode
    9. 3.9 Configuring Multiple Contexts
    10. 3.10 Managing Security Contexts
  5. Lesson 4: Basic Settings
    1. 4.1 Setting the Hostname, Domain Name, and Passwords
    2. 4.2 Password Recovery
    3. 4.3 Setting the Date, Time, and Configuring the ASA with an NTP Server
    4. 4.4 Configuring DHCP Services
    5. 4.5 Configuring the DHCPv4 Relay Agent
    6. 4.6 Configuring the DHCPv6 Relay Agent
  6. Lesson 5: Network Address Translation
    1. 5.1 NAT in Routed and Transparent Mode
    2. 5.2 Static NAT
    3. 5.3 Dynamic NAT
    4. 5.4 Dynamic PAT
    5. 5.5 Identity NAT
    6. 5.6 Twice NAT
    7. 5.7 NAT Troubleshooting
  7. Lesson 6: Controlling Network Access
    1. 6.1 Introduction to Access Control Lists (ACLs)
    2. 6.2 Basic ACL Configuration and Management Options
    3. 6.3 Standard ACLs
    4. 6.4 Webtype ACLs
    5. 6.5 EtherType ACLs
    6. 6.6 Time-Based ACLs
    7. 6.7 Configuring an ACL in ASDM
    8. 6.8 Monitoring ACLs
  8. Lesson 7: IP Routing
    1. 7.1 How Routing Behaves Within the ASA
    2. 7.2 Supported Internet Protocols for Routing
    3. 7.3 How the Routing Table is Populated
    4. 7.4 Dynamic Routing in Failover and Clustering
    5. 7.5 Dynamic Routing in Multiple Context Mode
    6. 7.6 Static and Default Routes
    7. 7.7 OSPF Support
    8. 7.8 Configuring OSPFv2
    9. 7.9 Configuring OSPFv3
    10. 7.10 Monitoring and Troubleshooting OSPF
    11. 7.11 Configuring EIGRP
    12. 7.12 Monitoring and Troubleshooting EIGRP
    13. 7.13 BGP Support
    14. 7.14 Configuring BGP
    15. 7.15 Monitoring and Troubleshooting BGP
    16. 7.16 RIP Support
    17. 7.17 Configuring RIP
    18. 7.18 Monitoring and Troubleshooting RIP
  9. Lesson 8: Authentication, Authorization, Accounting (AAA) Support
    1. 8.1 Supported Authentication Methods
    2. 8.2 Configuring Local Users
    3. 8.3 Configuring RADIUS
    4. 8.4 Monitoring and Troubleshooting RADIUS
    5. 8.5 Configuring LDAP
    6. 8.6 Monitoring and Troubleshooting LDAP
    7. 8.7 Configuring AAA for Management Access
    8. 8.8 Configuring AAA for Firewall Connections
  10. Lesson 9: Cisco ASAv
    1. 9.1 Introducing the ASAv
    2. 9.2 ASAv Interface Configuration
    3. 9.3 Monitoring the ASAv
    4. 9.4 Troubleshooting Tips When Deploying the ASAv
  11. Lesson 10: High Availability
    1. 10.1 Failover Overview and System Requirements
    2. 10.2 Failover Health Monitoring and Design Details
    3. 10.3 Configuring Active/Standby Failover
    4. 10.4 Configuring Active/Active Failover
    5. 10.5 Troubleshooting Failover Configurations
    6. 10.6 Introduction to ASA Clustering
    7. 10.7 Data Interface Modes
    8. 10.8 Clustering Packet Flow
    9. 10.9 Configuring Clustering
    10. 10.10 Inter Data Center ASA Clustering
    11. 10.11 Monitoring and Troubleshooting the ASA Cluster
  12. Lesson 11: Application Layer Protocol Inspection
    1. 11.1 How Inspection Engines Work
    2. 11.2 Using the Modular Policy Framework
    3. 11.3 Application Inspection Support
    4. 11.4 Configuring Application Inspection
  13. Lesson 12: Logging
    1. 12.1 Introduction to Logging
    2. 12.2 Logging in Multiple Context Mode
    3. 12.3 Syslog Message Analysis and Severity Levels
    4. 12.4 Configuring Logging
  14. Lesson 13: NetFlow Support
    1. 13.1 NetFlow Introduction
    2. 13.2 Enabling NetFlow Secure Event Logging (NSEL)
    3. 13.3 Troubleshooting NetFlow
  15. Lesson 14: Cisco ASA with FirePOWER Services
    1. 14.1 Introduction to FirePOWER Services
    2. 14.2 Inline Mode vs. Passive Mode
    3. 14.3 Management Access
    4. 14.4 Installing/Re-imaging the FirePOWER Module
    5. 14.5 Configuring the Cisco ASA FirePOWER Module
    6. 14.6 Adding the ASA FirePOWER to the FireSIGHT Management Center
    7. 14.7 Redirecting Traffic to the ASA FirePOWER Module
    8. 14.8 FireSIGHT Management Console
  16. Lesson 15: Threat Detection
    1. 15.1 Basic Threat Detection Statistics
    2. 15.2 Configuring Advanced Threat Detection Statistics
    3. 15.3 Configuring Scanning Threat Detection
    4. 15.4 Monitoring Threat Detection
  17. Summary
    1. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Summary
  18. Q Session
    1. Q Session

Product information

  • Title: Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop)
  • Author(s):
  • Release date: May 2015
  • Publisher(s): Cisco Press
  • ISBN: 0134190963