Cisco ASA Firewall - CCNP Security

CCNP - Cisco Certified Network professional. This is the advanced level certification program from Cisco. This is meant for professionals who want to gain a deeper understanding of networking technologies with an emphasis on planning and implementing LANs and WANs. The CCNP program helps the engineer bring together technologies like wireless, VoIP, security into a comprehensive whole.

We offer the CCNP as three specialized courses-Routing and Switching, Security and Voice. The prerequisite for each is a CCNA in the respective specializations. The CCNP program is taught by senior network engineers in a world class environment with state of the art labs and infrastructure.

Course Outline

CCNP - Security

  • Deploying Cisco ASA Firewall solutions
  • Deploying Cisco VPN solutions
  • Implementing Cisco Intrusion Prevention System

CCNP Security Course Curriculum

Cisco Adaptive Security Appliance (Cisco ASA) Essentials

  • Evaluating Cisco ASA Technologies
  • Identifying Cisco ASA Families
  • Identifying Cisco ASA Licensing Options

Basic Connectivity and Device Management

  • Preparing the Cisco ASA for Network Integration
  • Managing Basic Cisco ASA Network Settings
  • Configuring Cisco ASA Device Management Features

Network Integration

  • Configuring Cisco ASA NAT Features
  • Configuring Cisco ASA Basic Access Control Features
  • Configuring Cisco ASA Routing Features
  • Configuring the Cisco ASA Transparent Firewall

Cisco ASA Policy Control

  • Defining the Cisco ASA MPF
  • Configuring Cisco ASA Connection Policy and QoS Settings
  • Configuring Cisco ASA Advanced Application Inspections
  • Configuring Cisco ASA User-Based Policies

Cisco ASA High Availability and Virtualization

  • Configuring Cisco ASA Interface Redundancy Features
  • Configuring Cisco ASA Active/Standby High Availability
  • Configuring Security Contexts on the Cisco ASA
  • Configuring Cisco ASA Active/Active High Availability

Cisco ASA VPN Architecture and Common Components

  • Evaluating the Cisco ASA VPN Subsystem Architecture
  • Evaluating the Cisco ASA Software Architecture
  • Implementing Profiles, Group Policies, and User Policies
  • Implementing PKI Services

Cisco ASA Clientless Remote Access SSL VPN Solutions

  • Deploying Basic Clientless VPN Solutions
  • Deploying Advanced Application Access for Clientless SSL VPNs
  • Customizing the Clientless SSL VPN User Interface and Portal

Cisco Any Connect Remote Access SSL Solutions

  • Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution
  • Deploying an Advanced Cisco AnyConnect Full-Tunnel SSL VPN Solution

Cisco ASA Remote Access IPsec VPNs

  • Deploying Cisco Remote Access VPN Clients
  • Deploying Basic Cisco Remote Access IPsec VPN Solutions

Cisco ASA Site-to-Site IPsec VPN Solutions

  • Deploying Basic Site-to-Site IPsec VPNs
  • Deploying Advanced Site-to-Site IPsec VPNs

Deploying Cisco IOS Software Site-to-Site Transmission Security

  • Site-to-Site VPN Architectures and Technologies
  • Deploying GRE over IPsec VPNs
  • Deploying VTI-Based Site-to-Site IPsec VPNs
  • Deploying Scalable Authentication in Site-to-Site IPsec VPNs
  • Deploying DMVPNs

Deploying Secure Remote Access with Cisco IOS Software

  • Remote Access VPN Architectures and Technologies
  • Deploying Remote Access Solutions Using SSL VPN
  • Deploying Remote Access Solutions Using Cisco Easy VPN

Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices

  • Evaluating Intrusion Prevention and Intrusion Detection Systems
  • Choosing Cisco IPS Software, Hardware, and Supporting Applications
  • Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-Evasive Countermeasures
  • Choosing a Network IPS and IDS Deployment Architecture

Installing and Maintaining Cisco IPS Sensors

  • Integrating the Cisco IPS Sensor into a Network
  • Performing the Cisco IPS Sensor Initial Setup
  • Managing Cisco IPS Devices

Applying Cisco IPS Security Policies

  • Configuring Basic Traffic Analysis
  • Implementing Cisco IPS Signatures and Responses
  • Configuring Cisco IPS Signature Engines and the Signature Database
  • Deploying Anomaly-Based Operation

Adapting Traffic Analysis and Response to the Environment

  • Customizing Traffic Analysis
  • Managing False Positives and False Negatives
  • Improving Alarm and Response Quality

Managing and Analyzing Events

  • Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors
  • Managing and Investigating Events Using Cisco IPS Manager Express
  • Using Cisco IME Reporting and Notifications