757-216-3656 | Monday–Friday 8:30 AM – 4:30 PM | info@itdojo.com

CSFA – Cisco Secure Firewall Advanced Features, Operations and Management

Course Duration

3 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Before taking this course, it would be good to have a basic understanding of Cisco Secure Firewall and some hands-on experience working on the device (Cisco Secure Firewall). If you don’t have the pre-requisites described above, then a good way to prepare for this course is to attend our course ’Introduction to Cisco Secure Firewall’.

Course Description

In this 3-day, lab intense course students will learn about many of the advanced features, day-2 operations and management of Cisco Secure Firewall / Firepower Threat Defense. Through intense lab exercises students will develop the skills to configure, manage and troubleshoot problems with Cisco FTD devices. After a short review of CSF, we will cover advanced features like security intelligence, file control, advanced malware protection, redundancy, external threat intelligence, domain management, SNORT3, and advanced packet flow analysis. We will also have a look at what’s new in version 7.x. You will gain leading-edge skills for high-demand security focused responsibilities.

Learning Objectives

  • Describe the advanced features of a Next-Generation Firewall
  • Explain the newly release features
  • Configure advanced and newly released features
  • Understand advanced packet flow analysis

Course Outline

Course Topics
  • Device Configuration
  • Traffic Control
  • NAT Overview
  • Network Discovery
  • Overview of Policies
  • Security Intelligence (SI)
  • File Control and Advanced Malware Protection
  • Malware and File Policy
  • Overview of Intrusion Prevention and Snort Rules
  • Firepower Recommendations
  • Overview of High Availability (HA)
  • Discuss active / standby HA
  • Overview of external feeds
  • Describe incidents
  • Explain Cisco Threat Intelligence Director (CTID)
  • Understanding subscription of CTID to external feeds
  • Introduction to multi-tenancy using domains
  • Managing domains
  • Creating new domains
  • Moving devices between domains
  • Site-to-Site VPN
  • RA-VPN
  • Introduction to Snort3
  • Explain Elephant Flow
  • Discuss Snort3 recommendations
  • Explain rule actions
  • Using the ’Packet-Tracer’ feature
  • Using the ’Capture with Trace’ feature
  • VPN Load Balancing for FMC-managed devices
  • Explain FQDN NAT
  • Understand network wildcard mask object
  • Discuss direct Internet access
  • Describe AnyConnect with SAML external browser
  • Explain encrypted visibility engine
  • Discuss enhancement in TLS (focus on TLS 1.3)
Request Info & Pricing

Get details on scheduling, pricing, and delivery options for this course.

757-216-3656
Upcoming Course Dates

Classes are forming now, contact us about upcoming dates.

Can't find what you're looking for?

Let us know! Chances are we have access to the training that you need.

Have questions or need more information?

Contact us today at:

757-216-3656 info@itdojo.com
About Our Instructors

All IT Dojo courses are taught by certified, active industry practitioners.

Meet Our Instructors
Related Courses
See all Cisco Training →
Get More Information

We cannot work with the general public. We only work with Government Agencies, Military, government contractors, and corporate clients.