Implementing Advanced Cisco ASA Security (SASAA) Training & Certification Course

Module 1: Cisco ASA Product Family

• Introduction to ASA series firewalls
• Introduction to ASAv
• Deploy ASAv
• ASAv Other hypervisors support, digitally signed image and management options
• Verify ASAv VM
• ASA 9.2.1 BGP IPv6 support
• ASA 9.3 features
• ASA 9.4.1 + VXLAN support
• Describe the Cisco ASASM platforms, architecture, and features

Module 2: Cisco ASA Identity Firewall

• ASA Identity Firewall benefits, flow and policies
• Cisco CDA basic network configuration
• Application status verification
• Active directory server configuration
• CDA user-account configuration
• CDA GUI password policy configuration
• Configure identity firewall policies on ASA

1. Using ASDM
2. Using CLI

• FQDN network object configuration
• Verify user-identity operations
• CDA management with CLI, live log monitoring and troubleshooting

Module 3: Cisco ASA Firepower Services

• SFR introduction
• FireSIGHT management
• SFR management interface, package installation and verification
• FireSIGHT VM installation and setup
• License requirement
• Policy types introduction
• Recommended rules introduction
• Monitoring
• ASDM and Firepower on-box FireSIGHT manager
• Firepower dashboard, reporting, status and events viewer
• Licensing
• Firepower 6.0 features
• System configurations and device platform settings
• Firepower multidomain management

Module 4: Cisco ASA Cloud Web Security (CWS)

• ASA with CWS introduction
• CWS scanning processes
• Licenses
• ASA with CWS integration
• CWS operations verification
• Verify traffic redirection
• Syslog messages
• ScanCenter web filtering policy introduction and configuration
• ASA CWS AMP introduction
• CWS cognitive threat analysis
• Threats reporting

Module 5: Cisco ASA Clustering

• Cluster performance figures and supported platforms
• Cluster data-interface modes and connections
• CLL functions
• Cluster dynamic-routing, NAT and PAT operations
• Cluster terminology
• TCP, asymmetric UDP, short-lived and centralized-feature traffic flows
• Cluster management
• Configuration with the CLI
• Each unit configuration  Master unit configuration
• Sample configuration of a two-unit cluster with spanned EtherChannel and individual interface
• Configure ASA cluster using Cisco ASDM
• Cluster licensing
• Verification types
• Troubleshoot ASA cluster operations
• Cluster features of v9.1.4, v9.2.1, v9.3.1 and v9.4.1

Module 6: Cisco ASA Security Group Firewall and Change of Authorization (Optional)

• Cisco secure access architecture
• SG Firewall configuration
• SGACL operations monitoring
• SGT features (post 9.0 releases)
• Change of authorization introduction
• Chang of authorization CLI and ASDM configurations

Labs:

1. Access the Remote Cisco Learning Lab Environment
2. Set-Up and Test the ASAv
3. Implement New Features in ASA 9.3 and 9.4
4. Configure the Cisco CDA
5. Configure ASA IDFW
6. Cisco ASA Firepower Services Module Installation
7. Cisco Firepower Management Center Configuration
8. Configure ASA CWS
9. Cisco ASA Cluster Configuration