VPN 2.0 – Deploying Cisco ASA VPN Solutions Training

VPN 2.0 – Deploying Cisco ASA VPN Solutions Training

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

VPN 2.0 – Deploying Cisco ASA VPN Solutions Training Course with Hands-on Exercises

Cisco is making your network more secure, bringing advanced features into the 9.1 release of its award-winning Adaptive Security Appliance (ASA) family of products, including:

• Support for IPsec LAN-to-LAN tunnels to encrypt failover and state link communications
• Support for private VLANs on the ASA Services Module
• ASA 5585-X support for network modules
• Support for NetFlow flow-update events and an expanded set of NetFlow templates
• Improved Host Scan and ASA Interoperability
• Clientless SSL VPN: Windows 8 Support

This hands-on 2-day VPN 2.0 – Deploying Cisco ASA VPN Solutions Training workshop immerses you into the new features, configuration, operations and updating to Cisco ASA version 9.1 (ASDM 7.1). You will get a hands-on experience updating the ASA, and working with the new features.

Customize It:

• If you are familiar with some aspects of this VPN 2.0 – Deploying Cisco ASA VPN Solutions Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the VPN 2.0 – Deploying Cisco ASA VPN Solutions Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the VPN 2.0 – Deploying Cisco ASA VPN Solutions Training course in manner understandable to lay audiences.

Related Courses:

SWSA Training – Securing the Web with Cisco Web Security Appliance Training 2.1
SSFSNORT Training- Securing Cisco Networks with Open Source Snort Training

Audience / Target Group:

The target audience for this VPN 2.0 – Deploying Cisco ASA VPN Solutions Training course:

• Security Architects & System Designers
• Network Administrators & Operations Engineers
• Network or Security Managers responsible for Web Security
• Cisco WSA Customers
• Cisco Channel Partners
• Cisco Channel Partner Field Engineers preparing for the Web Security Field Engineer (WSFE) Exam• Employees

What You Will Learn:

Upon completing this VPN 2.0 – Deploying Cisco ASA VPN Solutions Training course, learners will be able to meet these objectives:

• This course is based on the Cisco ASA software release 9.1 (ASDM 7.1) and details the differences between the software versions 8.3, 8.4, 9.0 and 9.1. Students learn how to successfully deploy a software update from version 8.x to 8.4/91, learn about the new features of Cisco AnyConnect and SSL VPN and receive knowledge of IPv6 in combination with the Cisco ASA solution.

VPN 2.0 – Deploying Cisco ASA VPN Solutions Training – Course Syllabus:

Module 1 – ASA Appliance Overview

• The Cisco ASA 5500 Series: Performance differences
• The Cisco ASA 5500 Series: hardware differentiation
• The ASA 100v
• ASA 5585-X Features
• Identifying ASA Licensing Options
• Additional New Features for ASA

Module 2 – Configuring ASA Network Address Translation

• NAT Overview for version 8.3 and later
• Configuring Object (Auto) NAT
• Configuring Manual NAT
• Tuning and Troubleshooting NAT on the ASA

Module 3 – Configuring ASA Basic Access Control Features

• Connection Table and Local Host Table
• Configuring and Verifying Interface ACLs
• Configuring and Verifying Global ACLs
• Configuring and Verifying Object Groups
• Configuring and Verifying Public-facing Servers

Module 4 – Configuring Cisco ASA Identity Firewall

• Configuring and Verifying Identity Firewall
• Installing and configuring the Context Directory Agents
• Deployment Scenarios
• Identity Firewall Workflow
• Installing and Configuring the AD Agent
• Configuring the AD Domain
• Configuring the Identity Options
• Identity Firewall Access Rules

Module 5 – Configuring the Cisco ASA Transparent Firewall

• Transparent Firewall Essentials
• Transparent Firewall Configuration Tasks
• Configuring and Verifying Transparent Firewall Mode
• Configuring and Verifying Transparent Firewall Layer 3 through 7 Access Controls
• Configuring and Verifying Transparent Firewall Layer 2 Access Controls
• Troubleshooting Transparent Firewalls

Module 6 – Configuring Cisco ASA High Availability

• Configuring and Verifying EtherChannel
• Troubleshooting EtherChannel Interfaces
• Active/Standby or Active/Active New Features
• ASA Clustering

Module 7 – Evaluating the Cisco ASA VPN Subsystem Architecture VPN

• Comparing Cisco ASA VPN Technologies
• Evaluating Cisco ASA IPv6 VPN Capabilities
• Evaluating Cisco AnyConnect 3.0 Components

Module 8 – Cisco ASA Site-to-Site IPsec VPN Solutions with IKEv2

• Configuring Basic Peer Authentication with PSK
• Configuring Transmission Protection

Module 9 – Cisco ASA Remote Access VPN with IKEv2

• Using IKEv2 for Remote Access IPSec
• Troubleshooting Basic Cisco Remote Access IPSec VPN Operations


Configuring NAT

• Task 1: Configure Object NAT for the Client Network and DMZ Server
• Task 2: Configure Manual NAT for the DMZ Server and Client Network

Configuring Basic Cisco Access Control Features

• Task 1: Configure Network and Service Object Groups
• Task 3: Configure Access Lists
• Task 4: Configure Public Servers
• Task 5: Configure Global Access Lists

Identity Firewall

• Task 1: Join the Client to the AD
• Task 2: Installing and Configuring the Active Directory Agent
• Task 3: Configuring the Identity Options on the ASA

Configuring Transparent Firewall

• Task 1: Change Network Parameters on the Client PC
• Task 2: Enable Transparent Firewall Mode
• Task 3: Configure Bridge Group, Interfaces, and Management Settings on the Security Appliance
• Task 4: Verify Connectivity over the Transparent Firewall
• Task 5: Enable Basic Access Controls on a Transparent Cisco ASA Security Appliance
• Task 6: Disable Transparent Firewall Mode

Deploying a Basic Cisco ASA Security Appliance IPsec IKEv2 Site-to-Site VPN

• Task 1: Configure the Cisco ASA 5510 Adaptive Security Appliance for Site-to-Site VPN Using PSKs and IKEv2
• Task 2: Establish a Site-to-Site VPN Tunnel with PSKs
• Task 3: Modify the Existing Connection to Use Digital Certificates for Authentication
• Task 4: Establish a Site-to-Site VPN Tunnel with Digital Certificates

Deploying Basic Remote Access IPsec VPN with IKEv2

• Task 1: Modify an Existing Profile to Support IPsec Remote Access
• Task 2: Connect to the Cisco ASA Security Appliance Using IPsec

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email