Description

The Course Name: SENSS – Implementing Cisco Edge Network Security Solutions 1.0

The Course Duration: 5 Days

The Overview:

The purpose of this course is to teach participants how to  configure Cisco perimeter edge security solutions utilizing Cisco switches, Cisco routers, and Cisco Adaptive Security Appliance (ASA) firewalls and to implement and manage security on Cisco ASA firewalls, Cisco routers with the firewall feature set, and Cisco switches.

What You Will Learn

  • Security threat landscape
  • How to implement Cisco modular network security architectures such as SecureX and TrustSec
  • How to deploy Cisco infrastructure management and control plane security controls
  • How to configure Cisco Layer 2 and Layer 3 data plane security controls
  • How to implement and maintain Cisco ASA Network Address Translations (NAT)
  • How to implement and maintain Cisco IOS Software NAT
  • How to Design and deploy Cisco Cyber Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection
  • How to implement Botnet Traffic Filters
  • How to deploy Cisco IOS Zone-Based Policy Firewalls (ZBFW)
  • How to configure and verify Cisco IOS ZBFW Application Inspection Policy
  • Designing and deploying Cisco Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection.
  • Implementing Botnet Traffic Filters.
  • Deploying Cisco IOS Zone-Based Policy Firewalls (ZBFW).
  • Configure and verify Cisco IOS ZBFW Application Inspection Policy.

The Course Index:

  1. Secure Design Principles
  • Course Overview
  • Network Security Zoning
  • Cisco Module Network Security Architecture
  • Cisco SecureX Architecture
  • Cisco TrustSec Solution
  1. Deploying Network Infrastructure Protection
  • Introducing Cisco Network Infrastructure Protection
  • Deploying Cisco IOS Control Plane Security Controls
  • Deploying Cisco IOS Management Plane Security Controls
  • Deploying Cisco ASA Management Plane Security Controls
  • Deploying Cisco Traffic Telemetry Methods
  • Deploying Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls
  1. Deploying NAT on Cisco IOS and Cisco ASA
  • Introducing Network Address Translation
  • Deploying Cisco ASA Network Address Translation
  • Deploying Cisco IOS Software Network Address Translation
  1. Deploying Threat Controls on Cisco ASA
  • Introducing Cisco Firewall Threat Controls
  • Deploying Basic Cisco ASA Access Policies
  • Deploying Advanced Cisco ASA Application Inspection Policies
  • Deploying Cisco ASA Botnet Traffic Filtering
  • Deploying Cisco ASA Identity Based Firewall
  1. Deploying Threat Controls on Cisco IOS Software
  • Deploying Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies
  • Deploying Advanced Cisco IOS Software ZBFW with Application Inspection Policies

Labs:

Lab 1: Configuring Configure Cisco Policy Protection (CPP) and Management Plane Protection (MPP)

Lab 2: Configure Traffic Telemetry Methods

Lab 3: Configure Layer 2 Data Plan Security

Lab 4: Configure Layer 2 Data Plan Security

Lab 5: Configure NAT on Cisco Adaptive Security Appliance (ASA) Firewall

Lab 6: Configure NAT on Cisco IOS Software

Lab 7: Configure Cisco ASA Access Policy

Lab 8: Configure Cisco ASA Application Inspection Policy

Lab 9: Configure Cisco ASA Botnet Traffic Filter

Lab 10: Configure Cisco ASA Identity Based Firewall

Lab 11: Configure Cisco IOS Software Zone-Based Firewall (ZBFW)

Lab 12: Configure Cisco IOS Software ZBFW Application Inspection Policy Lab Activity Solutions