Try our training for free.

Gain instant access to our entire IT training library for 1 week. Train anytime on your desktop, tablet, or mobile devices.

This Implementing Cisco Edge Network Security Solutions (SENSS) course provides training on how to configure and implement security on Cisco network perimeter edge devices such as a switch, router, and ASA firewall....
This Implementing Cisco Edge Network Security Solutions (SENSS) course provides training on how to configure and implement security on Cisco network perimeter edge devices such as a switch, router, and ASA firewall.

Recommended Skills:
  • CCNA Route/Switch and CCNA Security certification (or equivalent knowledge and skills)
  • Knowledge of Microsoft Windows
  • CCNA Security is a pre-requisite for the CCNP Security certification

Recommended Equipment:
  • Switch, IOS and ASA. Emulated IOS and ASA may be used.

Related Certifications:
  • CCNP Security. This course (SENSS exam # 300-206) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP© Security) certification

Related Job Functions:
  • Network Analyst
  • Network Engineer
  • Network Technician
  • Network Designer
  • Security Analyst
  • Security Auditor
  • Penetration Tester
  • Security Architect
  • Technical Manager

In this course, you will learn how to implement and manage security on Cisco ASA firewalls, routers, and switches, as well as how to configure perimeter security solutions for mitigating threats against your network. As part of your studies regarding the ASA, it's also recommended that you watch the CBT Nuggets "CCNP Security Firewall" course for advanced ASA features including failover, transparent firewall, and multiple contexts.
1. Welcome (7 min)
2. Port Security (25 min)
3. DHCP Snooping (29 min)
4. Dynamic ARP Inspection (DAI) (32 min)
5. Source Guard (15 min)
6. Storm Control (28 min)
7. Private VLANs (21 min)
8. Protected Ports (10 min)
9. VACLs, pACLs, and MACsec (15 min)
10. Remote Management (23 min)
11. RSA SSH Authentication (17 min)
12. SNMPv3 - CPPr (32 min)
13. iACLs (20 min)
14. uRPF (21 min)
15. NetFlow (27 min)
16. NAT and PAT (22 min)
17. Zone-Based Firewalls (42 min)
18. AAA (34 min)
19. Best Practices (26 min)
20. ASA CLI L3-4 (45 min)
21. ASA CLI L5-7 (25 min)
22. ASA Packet Capture (21 min)
23. Botnet Filtering (20 min)
24. Context Directory Agent (19 min)
25. Security Virtualization and IPS (15 min)
26. Management Tools (10 min)
27. IPv6 Security (12 min)



Hello. My name is Keith Barker. And on behalf of the entire CBT Nuggets family, welcome to Implementing Cisco Edge Network Security Solutions. Let's begin. Whenever I hear about a really great tip or idea, I like to do two things with that. Number one, I like to go ahead and incorporate that if I can use it.


And then secondly, I like to share it with others. And what I'd like to do is share with you some ideas and tips that we can use together as you and I go through this course, to get the absolute most from this course. Now as the starting point, let's make sure we're on the same page of where we are.


This is the Implementing Edge Network Security Solutions course. And Cisco has the acronym of SENSS for that. The S is for Secure. And then there's the Edge Network Security Solutions. And that's the acronym they came up with. That acronym and this title also corresponds to 300-206 which is the exam number for those who want to pursue certification regarding this content.


And I remember my father sharing with me the age old saying that, if you give a man a fish, he eats for a day. If you teach him how to fish, he eats for a lifetime. And it's my clear intention for you that, as we go through this course together, your skills will improve.


So that you will be able to improve the security posture on networks that you're either designing and implementing or networks that you're currently supporting. Now regarding any type of certification from Cisco-- if we ever need to find out, what's the latest information regarding a certain certification, the best source to go to for that, as far as the numbers involved and what it takes to get a Cisco certification, the best resource is Cisco's website.


So this is the homepage for Cisco's website. And I'm going to put my cursor right here in the search field. And I'm going to press Enter. You can also put some characters into a search. But what we're after is this link right here-- Training and Events. If we click on Training and Events, and then on the right-hand side, go to Cisco's Certifications, from here we have a bird's eye view of the certifications available from Cisco.


So we scroll down just a little bit. Here we have our entry level certifications, the CCENT. The associate certification, which are mostly the CCNAs. And if we scroll down a little further, we have the professional, including the CCNP Security. And then the expert level where most of the certifications are CCIE.


So in our case, if we take a look at CCNP Security and scroll down just a little bit, here it has the prerequisites which says you need to be a CCNA Security before Cisco will award you a CCNP Security. And to achieve a CCNP Security, these are the four exams that you must take and pass to become a CCNP Security.


And out of the four exams required for CCNP Security, our focus in this course is the Edge Network Security Solutions. And so from here, if we click on that link for SENNS, and we go to Exam Topics and scroll down just a little bit, and here we have an overview of the blueprint for that certification exam.


So we can click on Details here and expand any one of those. Or we can download or look at the entire PDF. So going forward, in the future, if you ever need to find out the details regarding what does Cisco require for this certifications or that certification, the best way to find out is go to the website yourself and see what the latest information is directly from Cisco regarding their blueprints for their certifications.


So regarding this course that we're going to enjoy together, going through it video by video, one of the first tips I'd like to share with you is make sure that you watch all the videos. That's this guy right here. Plus I'm going to ask you to watch any specific videos that I call out in these videos.


Now because it's fresh on my mind, let's take an example of IPv6. Now in this course, we're going to take a look at specifically some technologies that we can use to increase IPv6 security. But I also, in that video, recommend that if you don't yet know IPv6, maybe you go pop over to the IPv6 course. And I have a few videos in that course that I strongly recommend that you watch, if you're not yet familiar with IPv6. And because our focus in this course is implementing security, I also may refer you to another video at CBT Nuggets where, if you want to learn how to do, for example, penetration testing or taking advantage of a naked vulnerability in a protocol like IPv6, how you could do that, as well.


So again in the video on IPv6 security, there's a recommendation for people who want to to go ahead and take a look at the pen testing video, which is called penetration testing with Linux tools that uses some of the tools in BackTrack and Kali Linux to actually implement an attack against IPv6 vulnerabilities. So my tip is as we're going through these videos, if I do an audible, and I call out saying, hey, this specific video in this specific course I think would be a great idea if you watched it to help reinforce the concepts, I'd like you take those recommendations as a literal request.


Especially if your intent is, at some point, to go ahead and take a Cisco certification regarding this content. You'll want to watch every single video in this course plus the videos that I recommend. Another recommendation that will be really helpful in learning the content is to take notes as we go through it together either with a pad of paper and a pen or pencil or electronically.


Just go ahead and jot down notes as we go through the content together. That will assist you in remembering and internalizing that content. And where possible, I would strongly encourage you, in a safe practice environment, not on your production network for your first go, but in a safe environment, I'd like you to practice and verify the techniques that we're learning together.


The environments that we're going to be working on are switch environments and Cisco iOS router environments and the adaptive security appliance. So if you have, in a test environment, either virtualized or physical gear, again I would strongly recommend that you practice and verify everything that we go through in these videos together.


And as you practice these techniques, that will serve you very well. Because again, it's another method for internalizing the information and getting some hands-on practice in implementing these security techniques. Another powerful method that can help us really learn content is to teach others.


So if you have a loved one, family member, coworker, someone who will listen to you, I would strongly recommend you teach them the content. My wife, bless her heart, she has indulged me by allowing me to teach her lots and lots of content. And she'll just sit there and nod and listen.


And really the benefit is for me because, as I teach a concept to someone, I can hear the words coming out my mouth. It also gives me an opportunity to identify areas where maybe I'm a little weak in that area. I can improve on that. And if you're teaching it to somebody else, who's another technical person, it's a win-win.


Because as the tide rises, all boats rise as well. And one of the huge factors for me, as well, is to have fun. And I absolutely did have a lot of fun creating these videos with the knowledge that you and I would be going through them together. I would also encourage you to have fun.


Every step of the way, enjoy the journey. Because at the end of the day, that's what life is all about. It's about our experiences, our memories, and the actions we take. So in keeping this intro fairly short so that you and I can get right into the content of implementing edge network security solutions.

Port Security

DHCP Snooping

Dynamic ARP Inspection (DAI)

Source Guard

Storm Control

Private VLANs

Protected Ports

VACLs, pACLs, and MACsec

Remote Management

RSA SSH Authentication






Zone-Based Firewalls


Best Practices



ASA Packet Capture

Botnet Filtering

Context Directory Agent

Security Virtualization and IPS

Management Tools

IPv6 Security

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Advanced 10 hrs 27 videos


Basic Plan Features

Speed Control
Included in this course
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Included in this course
Follow what the trainers are saying with ease.

Included in this course
Files/materials that supplement the video training

Premium Plan Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Included in this course
Our mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Included in this course
Develop and maintain a study plan with assistance from coaches.
Keith Barker
Nugget trainer since 2012