COURSE OBJECTIVE:
After completing this course you should be able to:
• Describe Cisco Secure Firewall Threat Defense
• Describe advanced deployment options on Cisco Secure Firewall Threat Defense
• Describe advanced device settings for Cisco Secure Firewall Threat Defense device
• Configure dynamic routing on Cisco Secure Firewall Threat Defense
• Configure advanced network address translation on Cisco Secure Firewall Threat Defense
• Configure SSL decryption policy on Cisco Secure Firewall Threat Defense
• Deploy Remote Access VPN on Cisco Secure Firewall Threat Defense
• Deploy identity-based policies on Cisco Secure Firewall Threat Defense
• Deploy site-to-site IPsec-based VPN on Cisco Secure Firewall Threat Defense
• Deploy advanced access control settings on Cisco Secure Firewall Threat Defense
• Describe advanced event management on Cisco Secure Firewall Threat Defense
• Describe available integrations with Cisco Secure Firewall Threat Defense
• Troubleshoot traffic flow using advanced options on Cisco Secure Firewall Threat Defense
• Describe benefits of automating configuration and operations of Cisco Secure Firewall Threat Defense
• Describe configuration migration to Cisco Secure Firewall Threat Defense
TARGET AUDIENCE:
Anyone involved in the deployment and maintenance of a Cisco Secure Firewall Threat Defense solution.
COURSE PREREQUISITES:
Attendees should meet the following prerequisites:
• Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP)
• Basic knowledge of routing protocols
• Familiarity with the content explained in the Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention
COURSE CONTENT:
Introducing Cisco Secure Firewall Threat Defense
• Firewall Functionality
• Cisco Secure Firewall Platform
• Use Cases
• Deployment Options
• Management Options
• Basic Network Settings
• Packet Processing
• ACP and Prefilter Policies Overview
• Cisco Secure Firewall Smart Licensing
Describing Advanced Deployment Options on Cisco Secure Firewall Threat Defense
• Cisco Secure Firewall Threat Defense Architecture
• FXOS and Secure Firewall Chassis Manager
• Multi-Instance Deployment
• Cluster Deployment
• Cluster Configuration
Configuring Advanced Device Settings on Cisco Secure Firewall Threat Defense
• QoS Implementation
• Service Policies Implementation
• FlexConfig Policies Implementation
• Traffic Bypass
Configuring Dynamic Routing on Cisco Secure Firewall Threat Defense
• Dynamic Routing Overview
• Virtual Routing
• Dynamic Routing Configuration
Configuring Advanced NAT on Cisco Secure Firewall Threat Defense
• Network Address Translation Overview
• Advanced NT Rules Implementation
Configuring SSL Policy on Cisco Secure Firewall Threat Defense
• SSL Encryption Overview
• SSL Decryption Overview
• SSL Policy Configuration
• SSL Policy Best Practices
Deploying Remote Access VPN on Cisco Secure Firewall Threat Defense
• Remote-Access VPN Components
• Digital Certificate Enrollment
• Remote Access VPN Configuration
• Remote Access VPN High Availability
Deploying Identity-Based Policies on Cisco Secure Firewall Threat Defense
• Identity-Based Policies
• Realm Configuration
• Identity Source Configuration
• Identity-Based Policy Configuration
Deploying Site-to-Site VPN on Cisco Secure Firewall Threat Defense
• Site-to-Site VPN Components
• Policy-Based and Route-Based Site-to-Site VPNs
• Point-to-Point VPN Configuration VTIs
• Hub-and-Spoke VPN Configuration with Crypto Maps
• Site-toSite High Availability
Configuring Snort Rules and Network Analysis Policies
• Snort and Network Analysis Policy
• Snort Rules and Actions
• Secure Firewall Recommendations
Describing Advanced Event Management Cisco Secure Firewall Threat Defense
• Alerting
• Correlation Policies
• External Event Logging
Describing Integrations on Cisco Secure Firewall Threat Defense
• Integration with Cisco Identity Service Engine
• Integration with Cisco Network Analytics
• Integration with SecureX
Troubleshooting Advanced Traffic Flow on Cisco Secure Firewall Threat Defense
• Traffic Flow Overview
• Troubleshooting Tools
• Troubleshooting Process
• Performance Troubleshooting
Automating Cisco Secure Firewall Threat Defense
• Network Operations Automation
• Cisco Secure Firewall Management Center API Overview
• Cisco Secure Firewall Device Manager API Overview
Migrating to Cisco Secure Firewall Threat Defense
• Migration Options
• Migration Tool
• Migration from Cisco Secure firewall ASA
Labs Outlines:
• Discovery Lab 1: Configure Multi-Instance Firewall Using Chassis Manager Interactive Activity
• Discovery Lab 2: Deploy Advanced Connection Settings
• Discovery Lab 3: Configure Dynamic Routing
• Discovery Lab 4: Configure SSL Policy
• Discovery Lab 5: Configure Remote Access VPN
• Discovery Lab 6: Configure Identity-Based Policy
• Discovery Lab 7: Configure Site-to-Site VPN
• Discovery Lab 8: Customize IPS and NAP Policies
• Discovery Lab 9: Configure Cisco Secure Firewall Threat Defense Integrations
• Discovery Lab 10: Troubleshooting Cisco Secure Firewall Threat Defense
• Discovery Lab 11: Cisco Secure Firewall Threat Defese Automation
• Discovery Lab 12: Migrate Configuration from Cisco Secure Firewall ASA
FOLLOW ON COURSES:
Not available. Please contact.