Home / All Courses / Others Technologies / Implementing Advanced Cisco ASA Security (SASAA)

Implementing Advanced Cisco ASA Security (SASAA) Training & Certification Course

Overview

SASAA training course is a 5-day classroom course led by our expert SASAA instructor. It is a hands-on course that dives into every aspect of Cisco’s ASA products. Graduates of this training will be able to implement the key features of ASA, including FirePOWER services v6.0, ASA Identity Firewall, ASA Cloud Web security, ASA Clustering and virtual ASA.

This course provides advanced training on the key Cisco Adaptive Security Appliance (ASA) 9.x features including the following:

  • Cisco ASA 5500-X Series Next-Generation Firewalls, ASAv, ASA 5506-X, 5508-X, 5516-X and ASA SM and implement new ASA 9.4.1 features
  • Cisco ASA Identity Firewall policies
  • Install and Set up the Cisco FirePOWER Services Module (SFR)
  • Implement Cisco ASA Cloud Web Security
  • Implement a Cisco ASA cluster
  • Cisco ASA security group firewall and change of authorization support

WHAT YOU’LL LEARN

  • Cisco ASA 5500-X Series Next-Generation Firewalls and the Cisco ASA Services Module (ASA SM)
  • Implement ASA Security Zones and Equal Cost Mulitpathing
  • Configure ASA 9.3/9.4 new features including: REST API for configuration, Policy Based Routing, ACL Manual Commit and ACL Forward Refernece
  • Implement the Cisco ASA Identity Firewall Feature, including the use of the Cisco CDA
  • Implement the Cisco ASA SFR (FirePOWER Services) module
  • Configure Cisco ASA to integrate with Cisco Cloud Web Security to provide web security and filtering services through an SaaS model
  • Security Group Access Control (SGACL) feature in Cisco ASA Software 9.0 and later.
  • Implement a Cisco ASA Cluster feature which allows as many as eight Cisco ASA appliances to be joined in a single cluster.

Full Description

Module 1: Cisco ASA Product Family

  • Introduction to ASA series firewalls
  • Introduction to ASAv
  • Deploy ASAv
  • ASAv Other hypervisors support, digitally signed image and management options
  • Verify ASAv VM
  • ASA 9.2.1 BGP IPv6 support
  • ASA 9.3 features
  • ASA 9.4.1 + VXLAN support
  • Describe the Cisco ASASM platforms, architecture, and features

 

Module 2: Cisco ASA Identity Firewall

  • ASA Identity Firewall benefits, flow and policies
  • Cisco CDA basic network configuration
  • Application status verification
  • Active directory server configuration
  • CDA user-account configuration
  • CDA GUI password policy configuration
  • Configure identity firewall policies on ASA
  1. Using ASDM
  2. Using CLI
  • FQDN network object configuration
  • Verify user-identity operations
  • CDA management with CLI, live log monitoring and troubleshooting

 

Module 3: Cisco ASA Firepower Services

  • SFR introduction
  • FireSIGHT management
  • SFR management interface, package installation and verification
  • FireSIGHT VM installation and setup
  • License requirement
  • Policy types introduction
  • Recommended rules introduction
  • Monitoring
  • ASDM and Firepower on-box FireSIGHT manager
  • Firepower dashboard, reporting, status and events viewer
  • Licensing
  • Firepower 6.0 features
  • System configurations and device platform settings
  • Firepower multidomain management

 

Module 4: Cisco ASA Cloud Web Security (CWS)

  • ASA with CWS introduction
  • CWS scanning processes
  • Licenses
  • ASA with CWS integration
  • CWS operations verification
  • Verify traffic redirection
  • Syslog messages
  • ScanCenter web filtering policy introduction and configuration
  • ASA CWS AMP introduction
  • CWS cognitive threat analysis
  • Threats reporting

 

Module 5: Cisco ASA Clustering

  • Cluster performance figures and supported platforms
  • Cluster data-interface modes and connections
  • CLL functions
  • Cluster dynamic-routing, NAT and PAT operations
  • Cluster terminology
  • TCP, asymmetric UDP, short-lived and centralized-feature traffic flows
  • Cluster management
  • Configuration with the CLI
  • Each unit configuration  Master unit configuration
  • Sample configuration of a two-unit cluster with spanned EtherChannel and individual interface
  • Configure ASA cluster using Cisco ASDM
  • Cluster licensing
  • Verification types
  • Troubleshoot ASA cluster operations
  • Cluster features of v9.1.4, v9.2.1, v9.3.1 and v9.4.1

 

Module 6: Cisco ASA Security Group Firewall and Change of Authorization (Optional)

  • Cisco secure access architecture
  • SG Firewall configuration
  • SGACL operations monitoring
  • SGT features (post 9.0 releases)
  • Change of authorization introduction
  • Chang of authorization CLI and ASDM configurations

 

Labs:

  1. Access the Remote Cisco Learning Lab Environment
  2. Set-Up and Test the ASAv
  3. Implement New Features in ASA 9.3 and 9.4
  4. Configure the Cisco CDA
  5. Configure ASA IDFW
  6. Cisco ASA Firepower Services Module Installation
  7. Cisco Firepower Management Center Configuration
  8. Configure ASA CWS
  9. Cisco ASA Cluster Configuration

Fees & Schedule

Delivery ModeCourse DurationFees
Live Virtual Training 5 DaysAsk for Quote
Onsite Classroom Training 5 DaysAsk for Quote
Customized Training 5 DaysAsk for Quote

FAQ's

SpireTec solutions is the latest technology enabled I.Tmanagement training company specialized in offering 1500+ courses with the state of art training facilities backed by a team of industry experts in various domains with assuring best quality services.
Since SpireTec provides 24X7 training and support for your training needs is very adaptable to your time availabilities and offers customized training programs according to your availability and time zones of your contingent.
Because SpireTec aims for the personal & professional growth of you as individual & corporate as a whole, providing training on the latest and updated versions in the designated domains.
It is preferable but not mandatory to have domain experience in the area of your interest in which you want to opt training, supported by good English communication skills, a good Wi-Fi and computer or laptop system in case you want remote training
Spire Tec aims and ensure to offer finest and world-class training to the participants by giving them a proper counselling and a guided career path by our industry experts which leads guaranteed success for you in the corporate world
We offer online training (1-1, Group training), Classroom training, Onsite training with state of art facilities.
You can make payment online via PayPal with any of the debit & credit cards or via direct bank transfer.