Cisco SITCS 1.0: Cisco ASA (CX) NGFW Services I
This path is designed to prepare security engineers with the knowledge covering advanced firewall architecture and configuration with the Cisco Next-Generation Firewall, utilizing access, and identity policies. It is also suitable for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.
Prerequisite
None
Expected Duration
122 minutes
Description
Cisco Adaptive Security Appliance Context Aware Next-Generation Firewalls, or ASA (CX) NGFW provide context-aware security functionality on the Cisco ASA adaptive security appliance platform. Context-awareness implies knowledge and control that are based on application (what), location (where), user-device type (how), and user identity (who). In this course you will learn key Cisco ASA (CX) NGFW functions, management architecture, and protocols as well as the basic Cisco Prime Security Manager (PRSM) GUI functions and Cisco ASA (CX) NGFW CLI operations. In addition, you’ll learn the caveats of the Cisco (CX) NGFW management interface, and the Cisco (CX) NGFW and Cisco PRSM licensing requirements, as well as how to how to configure Cisco ASA (CX) NGFW policy objects. This course is one of a series in the SkillSoft learning path that covers the objectives for the Implementing Cisco Threat Control Solutions (SITCS) 1.0 (300-207 SITCS) exam.
Objective
Describing the Cisco ASA (CX) NGFW Services
start the course
describe where the Cisco ASA (CX) NGFW fits in the overall network topology
list the components and explain the benefits of the Cisco ASA (CX) NGFW solution
describe how Cisco ASA (CX) NGFW broad and web AVC operate
describe the three Cisco ASA (CX) NGFW policy types
list the Cisco ASA features that are compatible with Cisco ASA (CX) NGFW
identify the physical features of the Cisco ASA CX-SSP hardware module
Describing the NGFW Management Architecture
describe the Cisco ASA (CX) NGFW management architecture and protocols
compare the on-box Cisco PRSM (single-device mode) and the off-box Cisco PRSM
describe the PRSM GUI operations
describe the caveats of the Cisco ASA (CX) NGFW software module management interface
describe the caveats of the Cisco ASA CX-SSP hardware module management interfaces
describe the Cisco ASA (CX) NGFW CLI operations
describe the Cisco ASA (CX) NGFW licensing requirements
describe the Cisco Off-Box PRSM licensing requirements
Configuring Cisco ASA (CX) NGFW Policy Objects
redirect traffic from Cisco ASA to Cisco ASA (CX) NGFW to enforce context-aware policies on the traffic
describe the Cisco ASA (CX) NGFW policy structure
describe how policy objects are used within the Cisco ASA (CX) NGFW policy for traffic matching
describe how to configure Cisco ASA (CX) network groups
describe how to configure Cisco ASA (CX) service objects and service groups
describe how to configure Cisco ASA (CX) application objects and application service objects
describe how to configure Cisco ASA (CX) URL, User Agent, and identify objects
describe how to configure Cisco ASA (CX) source object groups and destination object groups
describe how to configure Cisco ASA (CX) secure mobility objects
describe how to configure Cisco ASA (CX) action profile objects
identify where each policy object can be used in Cisco ASA (CX) NGFW policy configurations
describe the use of tagging, ticket IDs, and metadata
Practice: Cisco ASA (CX) NGFW Policy Objects
understand basic Cisco ASA Next-Generation Firewall (NGFW) Services