Cisco FIREWALL 2.0: ASA Security Contexts and Active/Active High Availability

This course is included in our On-demand training solution.

Overview

When you implement different security policies for traffic from different customers or departments, you can use the virtualization features available on the Cisco ASA adaptive security appliance. You can configure several security contexts, each acting as a separate virtual security appliance on the same physical hardware. On each security context, you can configure most of the features that are available on single-mode Cisco ASA security appliances. This course describes the security contexts feature and how to configure and manage multiple security contexts.
You can deploy Cisco ASA adaptive security appliances in an active/active high-availability failover to provide device redundancy and load sharing in order to increase performance. Using this active/active failover feature, you can pair two security appliances, in which both devices process traffic at the same time and act as a backup for each other. When both devices are operational, each processes a share of network traffic, depending on your traffic routing configuration. If one of the two appliances fails, the other takes over and processes all network traffic. This course describes the active/active failover feature and how to configure, tune, and troubleshoot active/active failover functionality.

Target Audience

Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA adaptive security appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system. Candidates who have completed the Cisco Certified Network Associate (CCNA) Certification and the Cisco Certified Network Associate Security Certification (CCNA Security).

Prerequisites

Expected Duration

90 min.

Course Objectives

Introduction to Security Contexts

  • identify the guidelines for using multiple context mode on the Cisco ASA security appliance
  • Configuring Security Contexts

  • identify the considerations for configuring security contexts on the Cisco ASA security appliance
  • sequence the steps to configure security contexts on the Cisco ASA security appliance
  • Verifying and Managing Security Contexts

  • describe how security contexts can be managed on the Cisco ASA security appliance
  • Configuring Security Context Resource Management

  • describe resource management on the Cisco ASA security appliance
  • Troubleshooting Security Contexts

  • describe how to troubleshoot the operation of the Cisco ASA security appliance in multiple-context mode
  • Introduction to Active/Active Failover

  • identify the features of active/active failover on the Cisco ASA security appliance
  • Configuring and Verifying Active/Active Failover

  • sequence the steps to configure active/active failover on the Cisco ASA security appliance
  • Tuning and Troubleshooting Active/Active Failover

  • describe how to tune active/active failover on the Cisco ASA security appliance
  • describe how to troubleshoot active/active failover on the Cisco ASA security appliance
  • COURSE COST



     

    NEED HELP OR NOT SURE?