Cisco FIREWALL 2.0: ASA Interface Redundancy and Active/Standby Availability

This course is included in our On-demand training solution.

Overview

To support high availability on the Cisco ASA Adaptive Security Appliance, you can use several high-availability features on the appliance. EtherChannel enables you to improve the bandwidth from the Cisco ASA Security Appliance to a switch that also supports EtherChannel and it provides logical interface redundancy. Other high-availability features are redundant interfaces, in which you can pair two physical interfaces to provide interface-level redundancy. One interface in a pair is designated as active and one is waiting as a standby member. If the active interface fails, the standby interface takes over and starts forwarding traffic. This course describes how to configure EtherChannel and redundant interfaces on the Cisco ASA Security Appliance.
To provide device redundancy, you can deploy Cisco ASA Adaptive Security Appliances in an active/standby high-availability failover configuration. Using this feature, you can pair two Security Appliances, where one is active and forwards user traffic, and the other is in a hot standby state. With active device failure, the standby device will take over. If the active/standby failover is deployed and configured correctly, users may not experience any network disruption. This course provides a description of the active/standby failover and then demonstrates how to configure, tune, and troubleshoot active/standby failover functionality.

Target Audience

Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA Adaptive Security Appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system. Candidates who have completed the Cisco Certified Network Associate (CCNA) Certification and the Cisco Certified Network Associate Security Certification (CCNA Security).

Prerequisites

Expected Duration

60 min.

Course Objectives

Configuring and Verifying EtherChannel

  • identify the considerations for using the EtherChannel port link aggregation technology
  • Configuring and Verifying Redundant Interfaces

  • describe how redundant interfaces work on the Cisco ASA Security Appliance
  • Troubleshooting EtherChannel and Redundant Interfaces

  • recognize how to troubleshoot redundant interfaces on the Cisco ASA Security Appliance
  • Cisco ASA Active/Standby Failover Planning

  • identify the guidelines for implementing active/standby failover on the Cisco ASA Security Appliance
  • Configuring and Verifying Active/Standby Failover

  • describe how to configure active/standby failover on the Cisco ASA Security Appliance
  • Tuning and Managing Active/Standby Failover

  • describe how to tune and manage active/standby failover on the Cisco ASA Security Appliance
  • describe the remote execution of commands when using the Cisco ASA Security Appliance in failover configuration
  • Troubleshooting Active/Standby Failover

  • describe how to troubleshoot active/standby failover on the Cisco ASA Security Appliance
  • SUBSCRIPTION COST



     

    NEED HELP OR NOT SURE?