TMNA CTS Training Portal

ASA Essentials (ASAE)

Request a Quote for this class

About this Course

Gain the essential skills required to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliances based on ASA Software v9.x. If you need to get up to speed quickly with Cisco's Adaptive Security Appliance (ASA), this is the course for you. SLI has combined the most important content from Cisco's Authorized FIREWALL v2.0 and VPN v2.0 courses and added additional information on the new features in v9.x software to hone in on the most crucial aspects of the ASA. In just one week, students will cover: Firewall Basics, Network Address Translation (NAT), Access Control Lists (ACLs), Object Groups, Stateful Inspection, Modular Policy Framework, PKI Integration, Site-to-site and Remote Access VPN (both IPsec and SSL), Active/Standby Failover, Server-based Authentication, Authorization, and Accounting (AAA) using ACS 5.2 and Cisco Identity Services Engine (ISE). Students will complete their training with high availability failover coverage, including an exclusive demonstration of what happens to firewall connections and VPN sessions during a device failure.

Audience Profile

  • Network administrators, managers, and coordinators
  • Anyone who requires fundamental training on the
  • ASA Security technicians, administrators, and engineers

At Course Completion

Upon completing this course, students will be able to:

  • Technology and features of the Cisco ASA
  • Cisco ASA product family
  • How ASAs protect network devices from attacks
  • Bootstrap the security appliance
  • Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)
  • Launch and navigate ASDM
  • Essential security appliance configuration using ASDM and the command-line interface (CLI)
  • Configure dynamic and static address translations
  • Configure access policy based on ACLs
  • Use object groups to simplify ACL complexity and maintenance
  • Use the Modular Policy Framework to provide unique policies to specific data flows
  • Handle advanced protocols with application inspection
  • Troubleshoot with syslog and tcp ping
  • Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs
  • Basics of Identity Services Engine (ISE) integration
  • Implement site-to-site IPsec VPN
  • Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client
  • Work with the 5.x Legacy Cisco IPsec VPN client
  • Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs
  • Configure access control policies to implement your security policy across all classes of VPN
  • Configure Active/Standby failover for both firewall and VPN high availability

Prerequisites

It is recommended that prior to taking this course, students have successfully completed the following: IINS v2.0 - Implementing Cisco IOS Network Security

Course Outline

Module 1: Cisco ASA Essentials

  • Lesson 1: Evaluating Cisco ASA Technologies
  • Lesson 2: Identifying Cisco ASA Families

Module 2: Basic Connectivity and Device Management

  • Lesson 1: Preparing the Cisco ASA for Network Integration
  • Lesson 2: Managing Basic Cisco ASA Network Settings
  • Lesson 3: Configuring Cisco ASA Device Management Features

Module 3: Network Integration

  • Lesson 1: Configuring Cisco ASA NAT Features
  • Lesson 2: Configuring Cisco ASA Basic Access Control Features

Module 4: Cisco ASA Policy Control

  • Lesson 1: Cisco ASA Modular Policy Framework
  • Lesson 2: Configuring Cisco ASA Connection Policy

Module 5: Cisco ASA VPN Architecture and Common Components

  • Lesson 1: Implementing Profiles, Group Policies, and User Policies
  • Lesson 2: Implementing PKI Services

Module 6: Cisco ASA Clientless Remote Access SSL VPN Solutions

  • Lesson 1: Deploying Basic Clientless VPN Solutions
  • Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs

Module 7: Cisco AnyConnect Remote Access SSL Solutions

  • Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution

Module 8: Cisco ASA Remote Access IPsec VPNs

  • Lesson 1: Deploying Cisco Remote Access VPN Clients
  • Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions

Module 9: Cisco ASA Site-to-Site IPsec VPN Solutions

  • Lesson 1: Deploying Basic Site-to-Site IPsec VPNs
  • Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs

Module 10: Cisco ASA High Availability and Virtualization

  • Lesson 1: Configuring Cisco ASA Active/Standby High Availability


Lab Outline

  • Lab 1: Prepare the ASA for Administration
  • Lab 2: Fundamental ASA Configuration
  • Lab 3: Network Address Translation (NAT)
  • Lab 4: Basic Access Control
  • Lab 5: Basic Protocol Inspection
  • Lab 6: Licensing, ACS, and Public CA
  • Lab 7: Basic Clientless SSL VPN
  • Lab 8: Clientless SSL VPN - Thin Apps
  • Lab 9: Basic AnyConnect Full Tunnel SSL VPN
  • Lab 10: Remote Access IPSec VPN
  • Lab 11: IPSec Site-to-Site VPN
  • Lab 12: Active/Standby Failover