Год выпуска: 2011
Производитель: CBT Nuggets
Автор: Michael Shannon
Тип раздаваемого материала: Видеоурок
Стоимость: 1999 рублей
Since the firewall system is usually the first solution deployed by an organizations, anyone involved in security — from a small- or home-office to a large enterprise — will benefit from this course in a major way. And of course, by passing the 642-617 exam, you’ll be on your way to achieving CCNP Security certification!
In this course, you’ll learn all about the features of the ASA for protecting your security domains and the incredible Modular Policy Framework using the Adaptive Security Appliance Device manager (ASDM). You also learn and see different ASA appliances and modular solutions in action. Other cool topics include Layer 5-7 Inspection, Transparent Firewall and ASA High-Availability solutions.
Once you finish this Nugget course, you’ll have the knowledge and skills required to deploy and maintain Cisco ASA-based perimeter solutions. And, you’ll be equipped to protect your IT infrastructure and applications from risks using Cisco ASA features, as well as provide thorough operational support for the Cisco Adaptive Security Appliance.
[wpspoiler name=»Подробное описание» ]1. Introduction to FIREWALL (00:14:45)
This inroductory Nugget walks you through the CCNP Security path from Cisco. You will learn all about the exam as well as the general topics covered. Finally, you will learn a winning strategy for getting the most out of this FIREWALL course to prepare you for real-world application as well as exam success.
2. ASA Technology and Features (00:32:09)
Here you will discover the different firewall systems and how they can be applied to security domains (also called zones). You will explore various firewall technologies as well. The features of the Adaptive Security Appliance (ASA) will be investigated. You will finish will an assortment of real-world deployment scenarios.
3. Security Appliance Family (00:21:40)
This Nugget offers a comprehensive look at the appliance family from Cisco Systems. You will learn about the ASA «front-to-back» as well as various modular solutions. No discussion would be complete without the tricky topics of licensing — so that is covered here as well. This one wraps up with a discussion of basic hardware troubleshooting.
4. Initial Setup and Configuration (00:35:09)
In module 4 of the Firewall Course you finally get your «virtual» hands on the actual device. This Nugget is really one long demonstration on real equipment. Topics include the ASA boot process, built-in configurations, configuration modes, the ASA file system, initial ASA setup, and ASDM basics.
5. Interfaces and Static Routes (00:34:09)
Yes! The ASA is actually a switch and a router appliance and here you will discover the Adaptive Security Algorithm security levels, interface configuration, VLAN configuration, static routing, and DHCP client and server functionality.
6. Configuring ASA Management (00:34:03)
The Cisco Security Professional must master device management before the firewall is deployed. In this Nugget, you will learn the management options, configure basic management settings, discover NTP v2 and v3 along with NetFlow v5 and v9, tackle file system management, and learn about software and key activation.
7. Basic Access Control (00:40:21)
Who will actually be accessing your ASA to manage it and from where will they do it? Let’s discover remote access protocol channels, configure remote management, control ASA authentication, and perform password recovery on the appliance.
8. Modular Policy Framework (00:42:01)
In this Nugget you will move up to the big leagues by getting away from old-school access control methods to the newer and more powerful Modular Policy Framework (MPF). Topics include access rules and object grouping, planning for MPF, configuring layer 3-4 policies, configuring layer 5-7 policies, and deploying traffic management policies with MPF.
9. Stateful Inspection (00:29:21)
This module is actually MPF part two. We continue the look at traffic policy as well as tuning layer 3-4 inspection. You will discover some excellent advanced connection settings along with support for dynamic protocols. Finally you will explore troubleshooting your existing layer 3-4 application inspection.
10. Application Layer Policy (00:29:55)
Here you will delve deeper into Deep Packet Inspection (DPI) otherwise known as Application Inspection and Control (AIC). Protocols include HTTP, FTP, DNS, ESMTP, and others.
11. Advanced Access Controls (00:29:09)
Advanced topics in this Nugget include: TCP Intercept; Botnet Traffic Filter; and Basic, Advanced, and Scanning Threat Detection.
12. Resource Configuration (00:22:12)
There is only a finite amount of resources on the ASA and it is very platform and license-specific. So, let’s learn about resource limits and guarantees, TCP and UDP connection limits, QoS traffic policing, traffic shaping, and priority queueing.
13. User-Based Policies (00:38:24)
There are some very clever ways to allow individual users to «cut-through» the firewall on an ad-hoc basis depending on the circumstances. Here you will learn about user authentication, prompts and timeouts, user authorization, user session accounting, and troubleshooting user-based policies.
14. NAT and PAT (00:40:41)
No discussion of firewall systems would be complete without a look at our old friends NAT and PAT. This Nugget explores the special relationship between NAT and the ASA, NAT Control, Dynamic NAT and PAT, Static NAT and PAT, NAT Bypass techniques, and Outside NAT scenarios.
15. Transparent Firewall (00:26:09)
Transparent Firewall is another way to deploy your ASA without causing too much disruption to existing network services and topology. After an overview of transparent mode you will configure a transparent firewall. Next, you will explore layer 3-4 access control and layer 2 access control on your ASA. Finally, you will troubleshoot your transparent mode ASA.
16. ASA Virtualization (00:32:38)
Virtualization is certainly a hot topic lately. Not to be left out, the Cisco ASA provides virtualization in the form of additional Security Contexts. Once we define them we will configure them. Next, we will investigate security context management and then troubleshoot multicontext mode on the ASA.
17. Active-Standby Failover (00:29:19)
High-availability is a mission-critical necessity for today’s SMB and enterprise organizations. In this Nugget, you will first discover the power of redundant interfaces. Then, you will learn about the ASA Active/Standby Failover model. Next, you will see the configuration of an A/S failover solution on an appliance. Finally, you will explore some important troubleshooting commands.
18. Active-Active Failover (00:32:34)
So, you say that Active/Standby Failover isn’t robust enough for your enterprise? Well, let’s try an Active/Active Failover on for size. Here you will learn A/A Failover in a nutshell, configure Active/Active Failover, tune your A/A solution, and look at some key troubleshooting concepts.
19. Security Services Modules (00:33:09)
In this Nugget of the Firewall Course you will explore the Cisco Security Services Modules (SSM) including the AIP-SSM and AIP-SSC for Intrusion Prevention and the CSC-SSM for anti-x content security.
20. Firewall Exam Notes (00:29:48)
This final Nugget wraps up the course with special notes for the exam-takers. Some valuable exam strategies are provided along with key exam tips.[/wpspoiler]