Cisco FIREWALL 2.0: ASA Advanced Application Inspections and User-Based Policies
This course is included in our On-demand training solution.
Deploying access control that is based on parameters for Open Systems Interconnection (OSI) Layer 3 and 4 establishes a minimal connectivity policy for network applications. However, this filtering alone cannot provide protection for exposed applications. The Cisco ASA adaptive Security Appliance Application Inspection and Control (AIC) features provide advanced application layer (OSI Layers 5 to 7) filtering to address these scenarios when risk assessment demands them. This course enables you to configure, verify, and troubleshoot these advanced applications inspections and controls of the Cisco ASA Security Appliance.
You can configure the Cisco ASA adaptive Security Appliance for user-based policies (also known as cut-through proxy), where you can implement different network access policies for different users based on their authenticated identity. You implement user-based policies using the authentication, authorization, and accounting (AAA) system on the Cisco ASA Security Appliance. This course describes the Cisco ASA Security Appliance user authentication capabilities, followed by per-user authorization and traffic accounting features that you can integrate with the AAA infrastructure of an organization.
Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA adaptive Security Appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system. Candidates who have completed the Cisco Certified Network Associate (CCNA) Certification and the Cisco Certified Network Associate Security Certification (CCNA Security).
ASA Layer 5 to Layer 7 Application Inspection
Configuring ASA Layer 5-7 Application Inspection
Configuring ASA HTTP Inspection
ASA HTTP Inspection Configuration Example
Configuring HTTP Inspection on Cisco ASA
ASA FTP Inspection and Additional Policy Enforcements
Troubleshooting ASA Application Layer Inspection
AAA and Cut-through Proxy Overview
Configuring Cut-through Proxy Authentication
Configuring Authentication Prompts and Timeouts
Configuring Cut-Through Proxy Authorization
Troubleshooting Cut-Through Proxy Accounting