Год выпуска: 2012
Производитель: CBT Nuggets
Автор: Jeremy Cioara
Тип раздаваемого материала: Видеоурок
Стоимость: 1999 рублей
The exam covered by this training retired in April 2011. However, the course retains considerable value as an IT resource.
Take your ASA skills to the next level! In this course, Jeremy Cioara focuses on ASA’s graphic interface (called the ASDM).
By the time you’ve finished watching, you’ll feel like a network star on SSLVPNs (the next-generationVPN connection for remote users), Certificate-based VPNs and application layer inspection.
Plus, you’ll be fully prepared to add killer SSLVPN technology to your cooperate network, feel a lot more comfortable working with Cisco’s graphic interface and be ready for the 642-515 SNAA certification exam
[wpspoiler name=»Подробное описание» ]
1. Cisco Security: Cisco Certification and Getting the Most from this Course (00:23:21)
With every new program, there is typically an included «Read Me First» text file. In the same sense, consider this nugget the «Watch Me First» of the course. This nugget presents the strategies you can use for getting the most from the course, changes to the Cisco certification program, and the ideal lab equipment to use for the course.
2. Foundations: Access Lists and NAT (00:49:34)
Nothing better to get moving in the Cisco realm than the core configurations of Access Control Lists (ACLs) and Network Address Translation (NAT). This nugget focuses not only on reviewing the core concepts, but demonstrating the configuration of ACLs and ACL Entries (ACEs) using the ASDM. The nugget then moves to the order of operation on the ASA and how it impacts your design and configuration along with core NAT configurations.
3. Foundations: Access Lists and NAT, Part 2 (00:29:28)
The ACLs and NAT continue on as Jeremy focuses on configuring the various types of NAT in the ASDM: NAT 0 Exceptions, Port Forwarding, Static Policy NAT, and Dynamic Policy NAT.
4. Controlling Traffic: Cisco Modular Policy Framework (00:26:31)
Of course, one of the primary goals of the Cisco ASA platform is to control network traffic. Cisco has taken this control to an entirely new level with their Modular Policy Framework (MPF) model of configuration. This nugget walks through the concepts behind MPF and demonstrates the three, core configuration items: class-maps, policy-maps, and service policies.
5. Controlling Traffic: Cisco Modular Policy Framework, Part 2 (00:57:42)
In this nugget, Jeremy takes the Cisco Modular Policy Framework (MPF) to an entirely new level as he walks through multiple, practical examples which culminate by walking through Layer 7 (Application Layer) firewall inspection principles and demonstrations. By time you’re done here, you’ll be saying, «I LOVE REGULAR EXPRESSIONS!!!» (we hope).
6. Protocol Inspection: Advanced Protocols (00:27:30)
You now know that the Cisco ASA has the ability to look deeper into a packet than simple L3 and L4 data. This nugget discusses the application inspection capabilities of the ASA, focusing on using application inspection with the FTP protocol.
7. Protocol Inspection: Advanced Protocols, Part 2 (00:41:41)
The Application Layer inspection continues into the HTTP, Instant Messaging, ESMTP, DNS, and ICMP protocols.
8. Routing and Switching: ASA VLAN Interaction (00:21:14)
Cisco ASA Firewalls have the ability to interact with switch VLANs. This opens an entire realm of firewall possibilities from filtering within your corporate network to isolating companies in an off-site hosting facility. This nugget walks through the concepts and configuration behind implementing VLANs using Cisco ASA Firewalls.
9. Routing and Switching: Dynamic Routing Protocols (00:41:32)
ASA’s are routers too! You’ll be chanting this mantra once you’ve completed this nugget which is focused on the configuration of RIP, OSPF, and EIGRP on ASA Firewalls. We’ve also thrown in a little route redistribution just for fun.
10. VPN Technology: IPSec and Digital Certificates (00:44:28)
In this nugget, Jeremy lays the foundation IPSec and certificate concepts necessary to understand the process used when building certificate-based VPN connections.
11. VPN Technology: Configuring Site-to-Site VPNs with Digital Certificates (00:49:34)
Fasten your seat belts for pure Site-to-Site VPN configuration using Certificate-based authentication! In this nugget, Jeremy goes above and beyond and shows the complete setup of a Microsoft Windows 2003 Certificate Authority (CA) server, installs both CA and Identity certificates on two ASA 5510s, then builds and verifies the Site-to-Site VPN between two locations.
12. VPN Technology: Certificate-Based Remote Access VPNs (00:51:39)
Now that you’ve seen the concept of certificate-based site-to-site VPNs, you can now apply the idea to remote access VPNs using the Cisco VPN client! This nugget is nearly all configuration based as Jeremy builds and tests the power of using certificates to authenticate remote access VPN users.
13. VPN Technology: Advanced Remote Access VPN Features (00:36:18)
Whether you call it «Advanced VPN Features» or «Optional VPN Features,» this nugget is full of configurations you can apply to your VPN connections. Topics covered include load balancing, split tunneling, backup ASA servers, NAT Transparency (NAT-T), reverse route injection (RRI), VPN Hairpinning, and personal firewall options.
14. VPN Technology: ASA5505 as Easy VPN & VPN Quality of Service (00:35:09)
There are many situations where you may find yourself configuring an ASA5505 behind another NAT device (so the outside IP address is private). How do you establish a site-to-site VPN in this situation? That’s where Cisco Easy VPN comes to the rescue! This nugget focuses on both Cisco Easy VPN and VPN Quality of Service (QoS).
15. SSL VPNs: Understanding SSL / WebVPN Technology (00:25:08)
SSL VPNs (or WebVPNs) represent an exciting new development in remote access VPN technology. This nugget is dedicated to describing exactly what this exciting new development means to you along with the three different types of SSL VPNs supported by Cisco: Clientless, Thin Client, and Full Network Access using SVC or Anyconnect.
16. SSL VPNs: Configuring Clientless VPNs (00:53:57)
In this nugget, Jeremy lives in the live ASDM interface as you are taken through the configuration and demonstration of virtually every option behind Clientless and Thin Client SSL VPN connections.
17. SSL VPNs: Configuring Anyconnect VPNs (00:43:00)
Cisco Anyconnect dominates completely any other vendor’s SSL VPN client. At least, that is Jeremy’s unbiased opinion. In this nugget, Jeremy builds upon the previous Clientless SSL VPN by adding the Anyconnect client capability.
18. SSL VPNs: Configuring Anyconnect VPNs, Part 2 (00:22:33)
The Cisco Anyconnect demonstrations continue. This nugget explores the Anyconnect configuration with using client and server certificates generated by the local CA of the Cisco ASA.
19. SSL VPNs: Understanding and Installing Cisco Secure Desktop (00:23:09)
In order to provide Cisco administrators some control of the «anytime, anywhere» freedom provided by SSL VPNs, Cisco has created the Cisco Secure Desktop (CSD). In this nugget, Jeremy explains the concepts and installation procedure of CSD.
20. SSL VPNs: Configuring Cisco Secure Desktop (00:53:52)
Feel the TRUE POWER of CSD. This nugget is dedicated to the complete configuration and demonstration of nearly every CSD feature. By time you’re done here, you’ll be running to implement CSD for your network.
21. SSMs: Understanding AIP-SSM and CSC-SSM (00:18:12)
In addition to the plethora of core functionality offered by the ASA, Cisco also offers «add on modules» known as Security Service Modules (SSMs). This nugget covers the different SSMs (4GE-SSM, SSM-10, SSM-20) along with the two implementations: CSC-SSM and AIP-SSM.