SENSS 1.0: Deploying Advanced Cisco ASA Access Policies
This course is included in our On-demand training solution.
Advanced Cisco Adaptive Security Appliance access policies allow security administrators to apply different policies to different types of traffic. For example, traffic coming from the Internet could be analyzed for any sign of malicious software. On the other hand, voice over IP traffic could be prioritized on all Cisco ASA interfaces to prevent delays and packet losses. The Cisco modular policy framework is a configuration tools which enables security administrators to assign different network policies to different traffic flows in flexible and granular manner. The MPF enhances ASA interface access control lists by allowing the administrator to specify a multitude of advanced access controls on network flows independently of interface ACLs.
This course first provides an overview of advanced access controls and policies. Then the course describes the Cisco MPF, which is used to implement advanced policies. Then the course discusses how to tune OSI layer 3-4 stateful inspection and inspection of dynamic protocols. The course concludes with application inspection of HTTP and FTP protocols.
Anyone wishing to obtain the Implementing Cisco Edge Network Security Solutions (SENSS) v1.0 certification; one of four designed for the CCNP Security track from Cisco. Knowledge of Cisco Certified Network Associate (CCNA) certification is required and knowledge of Cisco Certified Network Associate (CCNA) Security certification and Knowledge of Microsoft Windows Operating System are helpful. Note: Candidates who have a valid CCNA Routing and Switching certification AND have passed either Securing Cisco Network Devices exams 642-551 or 642-552 can act as a prerequisite valid only through December 31, 2014.
Advanced Cisco ASA Access Policies Overview
Cisco MPF Overview
OSI Layer 3-4 Policies Overview Part I
OSI Layer 3-4 Policies Overview Part II
Default OSI Layer 3-4 Stateful Tracking
Tuning OSI Layer 3-4 Stateful Tracking Part I
Tuning OSI Layer 3-4 Stateful Tracking Part II
Support for Dynamic Protocols on the ASA
Configuring Support for Dynamic Protocols Part I
Configuring Support for Dynamic Protocols Part II
Application Layer Policies Overview Part I
Application Layer Policies Overview Part II
Application Layer Policies Overview Part III
HTTP Inspector Overview
Configuring HTTP Inspection Part I
Configuring HTTP Inspection Part II
Configuring HTTP Inspection Part III
Configuring HTTP Inspection Part IV
Configuring HTTP Inspection Part V
FTP Inspector Overview
Evaluating Application Inspection of Other Protocols
Exercise: Configure Advanced ASA Access Policies