|
|
Title |
Duration |
|
|
|
Introduction to FIREWALL
This inroductory Nugget walks you through the CCNP Security path from Cisco. You will learn all about the exam as well as the general topics covered. Finally, you will learn a winning strategy for getting the most out of this FIREWALL series to prepare you for real-world application as well as exam success.
|
00:14:45 |
|
|
|
ASA Technology and Features
Here you will discover the different firewall systems and how they can be applied to security domains (also called zones). You will explore various firewall technologies as well. The features of the Adaptive Security Appliance (ASA) will be investigated. You will finish will an assortment of real-world deployment scenarios.
|
00:32:09 |
|
|
|
Security Appliance Family
This Nugget offers a comprehensive look at the appliance family from Cisco Systems. You will learn about the ASA "front-to-back" as well as various modular solutions. No discussion would be complete without the tricky topis of licensing - so that is covered here as well. This one wraps up with a discussion of basic hardware troubleshooting.
|
00:21:40 |
|
|
|
Initial Setup and Configuration
In module 4 of the Firewall Series you finally get your "virtual" hands on the actual device. This Nugget is really one long demonstration on real equipment. Topics include the ASA boot process, built-in configurations, configuration modes, the ASA file system, initial ASA setup, and ASDM basics.
|
00:35:09 |
|
|
|
Interfaces and Static Routes
Yes! The ASA is actually a switch and a router appliance and here you will discover the Adaptive Security Algorithm security levels, interface configuration, VLAN configuration, static routing, and DHCP client and server functionality.
|
00:34:09 |
|
|
|
Configuring ASA Management
The Cisco Security Professional must master device management before the firewall is deployed. In this Nugget, you will learn the management options, configure basic management settings, discover NTP v2 and v3 along with NetFlow v5 and v9, tackle file system management, and learn about software and key activation.
|
00:34:03 |
|
|
|
Basic Access Control
Who will actually be accessing your ASA to manage it and from where will they do it? Let's discover remote access protocol channels, configure remote management, control ASA authentication, and perform password recovery on the appliance.
|
00:40:21 |
|
|
|
Modular Policy Framework
In this Nugget you will move up to the big leagues by getting away from old-school access control methods to the newer and more powerful Modular Policy Framework (MPF). Topics include access rules and object grouping, planning for MPF, configuring layer 3-4 policies, configuring layer 5-7 policies, and deploying traffic management policies with MPF.
|
00:42:01 |
|
|
|
Stateful Inspection
This module is actually MPF part two. We continue the look at traffic policy as well as tuning layer 3-4 inspection. You will discover some excellent advanced connection settings along with support for dynamic protocols. Finally you will explore troubleshooting your existing layer 3-4 application inspection.
|
00:29:21 |
|
|
|
Application Layer Policy
Here you will delve deeper into Deep Packet Inspection (DPI) otherwise known as Application Inspection and Control (AIC). Protocols include HTTP, FTP, DNS, ESMTP, and others.
|
00:29:55 |
|
|
|
Advanced Access Controls
Advanced topics in this Nugget include: TCP Intercept; Botnet Traffic Filter; and Basic, Advanced, and Scanning Threat Detection.
|
00:29:09 |
|
|
|
Resource Configuration
There is only a finite amount of resources on the ASA and it is very platform and license-specific. So, let's learn about resource limits and guarantees, TCP and UDP connection limits, QoS traffic policing, traffic shaping, and priority queueing.
|
00:22:12 |
|
|
|
User-Based Policies
There are some very clever ways to allow individual users to "cut-through" the firewall on an ad-hoc basis depending on the circumstances. Here you will learn about user authentication, prompts and timeouts, user authorization, user session accounting, and troubleshooting user-based policies.
|
00:38:24 |
|
|
|
NAT and PAT
No discussion of firewall systems would be complete without a look at our old friends NAT and PAT. This Nugget explores the special relationship between NAT and the ASA, NAT Control, Dynamic NAT and PAT, Static NAT and PAT, NAT Bypass techniques, and Outside NAT scenarios.
|
00:40:41 |
|
|
|
Transparent Firewall
Transparent Firewall is another way to deploy your ASA without causing too much disruption to existing network services and topology. After an overview of transparent mode you will configure a transparent firewall. Next, you will explore layer 3-4 access control and layer 2 access control on your ASA. Finally, you will troubleshoot your transparent mode ASA.
|
00:26:09 |
|
|
|
ASA Virtualization
Virtualization is certainly a hot topic lately. Not to be left out, the Cisco ASA provides virtualization in the form of additional Security Contexts. Once we define them we will configure them. Next, we will investigate security context management and then troubleshoot multicontext mode on the ASA.
|
00:32:38 |
|
|
|
Active-Standby Failover
High-availability is a mission-critical necessity for today's SMB and enterprise organizations. In this Nugget, you will first discover the power of redundant interfaces. Then, you will learn about the ASA Active/Standby Failover model. Next, you will see the configuration of an A/S failover solution on an appliance. Finally, you will explore some important troubleshooting commands.
|
00:29:19 |
|
|
|
Active-Active Failover
So, you say that Active/Standby Failover isn't robust enough for your enterprise? Well, let's try an Active/Active Failover on for size. Here you will learn A/A Failover in a nutshell, configure Active/Active Failover, tune your A/A solution, and look at some key troubleshooting concepts.
|
00:32:34 |
|
|
|
Security Services Modules
In this Nugget of the Firewall Series you will explore the Cisco Security Services Modules (SSM) including the AIP-SSM and AIP-SSC for Intrusion Prevention and the CSC-SSM for anti-x content security.
|
00:33:09 |
|
|
|
Firewall Exam Notes
This final Nugget wraps up the series with special notes for the exam-takers. Some valuable exam strategies are provided along with key exam tips.
|
00:29:48 |
