-
- Lesson 1: Introducing the Cisco ASA 5500-X Next-Generation Firewalls
-
- Cisco ASA 5500-X Series Next-Generation Firewalls
- Cisco ASA 5500-X Series SSDs
- Cisco ASA 5585-X Dual Firewall Support
- Cisco ASA 5506-X, 5508-X, and 5516-X Overview
- Cisco ASA NGE Support
- Cisco ASA FirePOWER Services, CWS, NGFW Services, IPS Modules Comparisons
-
-
- Lesson 2: Introducing the Cisco ASAv
-
- ASAv Initial 9.2.1 Release Overview
- Deploy the ASAv OVF Template
- ASAv 9.3.2+ KVM Hypervisor Support
- ASAv Digitally Signed Image
- ASAv Management Options
- ASAv 9.3.2+ Smart Licensing
- Verify the ASAv VM Using the CLI
- Verify the ASAv VM Using the ASDM
- ASA 9.2.1 BGP IPv4 Support
-
-
- Lesson 3: Implementing ASA 9.3 and 9.4.1 New Features
-
- ASA REST API Basics
- ASA ACL Forward Reference and ACL Manual Commit
- ASA CLI Config Backup and Restore
- ASA Policy Based Routing
- ASA Equal Cost Multiple Path Routing
- ASA NSF Support
- ASA 9.4.1+ VXLAN Support
- Other New ASA Features
-
- Lesson 4: Introducing the Cisco ASASM
-
- Cisco ASASM Supported Platforms
- Cisco ASASM Performance Numbers
- Cisco ASASM Architecture
- Cisco ASASM Features Parity
- Cisco ASASM VLAN Interface
Module 2: Cisco ASA Identity Firewall
-
- Lesson 1: Describing the Cisco ASA Identity Firewall Solution
-
- Cisco ASA Identity Firewall Benefits
- Cisco ASA Identity Firewall Flow
- Cisco ASA Identity Firewall Policies
-
-
- Lesson 2: Setting Up Cisco CDA
-
- Cisco CDA versus Active Directory Agent
- Cisco CDA Hardware Appliance and VM Requirements
- Cisco CDA Installation
- Cisco CDA Setup
- Cisco CDA Application Status Verification
- Cisco CDA CLI Operations
- Cisco CDA GUI
-
-
- Lesson 3: Configuring Cisco CDA
-
- Active Directory Server Configuration
- Cisco ASA Configuration
- Syslog Server Configuration
- Cisco CDA User-Account Configuration
- Cisco CDA GUI Password Policy Configuration
- Cisco CDA Session Timeout Configuration
- IP-to-Identity Mapping Display
- Registered-Device Verification
-
-
- Lesson 4: Configuring Cisco ASA Identity Firewall
-
- Identity-Based Firewall Configuration Tasks
- Active Directory Server Configuration
- Cisco CDA Configuration
- User-Identity Options Configuration Using Cisco ASDM
- User-Identity Option Configuration Using the CLI
- User-Identity-Based Access Rules
- User Object Group Configuration
- FQDN Network Object Configuration
- Identity Firewall with Cut-Through Proxy Use Case
- Identity Firewall with Remote-Access VPN Use Case
-
- Lesson 5: Verifying and Troubleshooting Cisco ASA Identity Firewall
-
- Cisco CDA and Active Directory Server Connectivity Test
- Verify User-Identity Operations Using the CLI
- ASA to CDA Connectivity Verifications
- Active Directory Users Verifications
- Verify the Active Directory Groups
- Memory Usage Verifications
- Identity-Based Firewall Cisco ASDM Monitoring Panes
- Cisco CDA Management with the CLI
- Cisco CDA Live Log Monitoring
- Cisco CDA Troubleshooting
Module 3: Cisco ASA FirePOWER Services
-
- Lesson 1: Installing the Cisco ASA FirePOWER Services Module
-
- Cisco ASA FirePOWER Services (SFR) Module Overview
- Cisco FireSIGHT Management Center Overview
- Cisco ASA FirePOWER Services Software Module Management Interface
- Cisco ASA FirePOWER Services Module Package Installation
- Cisco ASA FirePOWER Services Module Verification
- Redirect Traffic to Cisco ASA FirePOWER Services Module
-
-
- Lesson 2: Managing the Cisco ASA FirePOWER Services Module Using the FireSIGHT Management Center
-
- FireSIGHT Management Center VM Installation and Setup
- FirePOWER Services Module and FireSIGHT License Requirements
- Add the FirePOWER Services Module into FireSIGHT
- FireSIGHT Policy Types Overview
- Task Status Monitoring
- System Policy Overview
- Health Policy Overview
- Objects Management Overview
- Network Discovery Overview
- Security Zones Overview
- Active Directory Integration Overview
- SourceFire User Agent Overview
- Access Control Policy Overview
- Intrusion Policy Overview
- FireSIGHT Recommended Rules Overview
- Intrusion Event Impact Levels Overview
- File Policy Overview
- Connection Events Monitoring
- Events Display Time Range
- Switch Workflow
- IPS Events Monitoring
- File Events Monitoring
- Users Monitoring
- Indication of Compromise Overview
- Context Explorer
- Dashboards
- System Updates
-
-
- Lesson 3: Describing the Cisco ASA 5506-X, 5508-X, and 5516-X FirePOWER Services
-
- ASDM and FirePOWER On-Box FireSIGHT Manager
- ASA FirePOWER Dashboard, Reporting, and Status
- ASA FirePOWER Events Viewer
- Gather ASA FirePOWER Troubleshooting Information for Cisco TAC
- FirePOWER Licensing
-
- Lesson 4: Configuring New Features in Cisco ASA Firepower Services 6.0
-
- Firepower 6.0 Platforms
- Deployment Dialog
- Message Center
- System Configurations and Device Platform Settings
- Network Analysis Policy
- File Policy Enhancements
- URL-Based Security Intelligence
- DNS Inspection
- OpenAppID
- Intelligent Application Bypass
- PKI, Cipher Suite List, and Distinguished Name Objects
- SSL Policy
- Realm and Directory Server
- Identity Policy
- Captive Portal Active Authentication
- Cisco ISE pxGrid Integration
- Cisco ASDM On-Box Firepower Management
- Firepower Multidomain Management
Module 4: Cisco ASA Cloud Web Security
-
- Lesson 1: Introducing Cisco ASA Cisco Cloud Web Security
-
- Cisco ASA with Cisco Cloud Web Security
- Cisco Cloud Web Security URL Filtering, AVC, and Reporting Features Overview
- Cisco Cloud Web Security Scanning Processes and Day Zero Outbreak Intelligence Overview
- Cisco ScanCenter
- Cisco ASA Cloud Web Security Licenses
-
-
- Lesson 2: Configuring Cisco ASA with Cisco Cloud Web Security
-
- Cisco ASA and Cloud Web Security Proxy-Server Configuration
- ScanCenter Generation of an Authentication Key for Cisco ASA
- Traffic Redirection from Cisco ASA to Cloud Web Security Proxy Servers
- Cisco ASA and Cloud Web Security Proxy Server User-Identity Configuration
-
-
- Lesson 3: Verifying Cisco ASA Cloud Web Security Operations
-
- Cisco ASA Cloud Web Security Operations Verification Using the CLI
- Cisco ASA Cloud Web Security Operations Verification by Using Cisco ASDM
- Verification of Traffic Redirection from Cisco ASA to Cloud Web Security Proxy Servers
- Cisco ASA Cloud Web Security Syslog Messages
- Cisco ASA Cloud Web Security Operations Verification Using Debug
-
-
- Lesson 4: Describing the Web Filtering Policy in Cisco ScanCenter
-
- ScanCenter Web Filtering Policy Overview
- ScanCenter Web Filtering Policy Configuration
- ScanCenter HTTPS Inspection Configuration Overview
- ScanCenter Web Filtering Reporting
-
- Lesson 5: Describing Cisco ASA Cloud Web Security AMP and CTA
-
- Cisco ASA CWS Advanced Malware Protection Overview
- Cisco Cloud Web Security Cognitive Threat Analytics
- Cisco ASA Cloud Web Security ScanCenter Threats Reporting Overview
Module 5: Cisco ASA Clustering
-
- Lesson 1: Describing Cisco ASA Cluster Features
-
- Cluster Performance Figures and Supported Platforms
- Cluster Data-Interface Modes
- Cluster Data-Interface Connections
- CCL Functions
- Cluster Master and Slave Unit Election
- Centralized, Distributed, and Unsupported Cisco ASA Features
- Cluster Dynamic-Routing Operations
- Cluster NAT and PAT Operations
-
-
- Lesson 2: Describing Cisco ASA Cluster Terminology and Data Flows
-
- Cluster Terminology
- TCP Sequence Number Randomization
- TCP Traffic Flows
- Asymmetric UDP Traffic Flows
- Short-Lived Traffic Flows
- Centralized-Feature Traffic Flows
- Traffic Flows with Secondary Connections
- TCP Flow Rebalancing
- Cluster Health-Check Mechanisms
- Clustering with Multi-Context
-
-
- Lesson 3: Using the CLI to Configure a Cisco ASA Cluster
-
- Cluster Management
- Cluster Configuration with the CLI
- Cluster Interface-Mode Configuration on Each Unit
- CCL Configuration on Each Unit
- Cluster Management Interface Configuration from the Master Unit
- Spanned EtherChannel (Layer 2) Interface Configuration from the Master Unit
- Individual (Layer 3) Interface Configuration from the Master Unit
- Cluster Bootstrap Configuration and Enabling Clustering on Each Unit
- Sample Configuration of a Two-Unit Cluster with Spanned EtherChannel Interface
- Sample Configuration of a Two-Unit Cluster with Individual Interface
- Cluster Configuration Options
-
-
- Lesson 4: Using the ASDM to Configure a Cisco ASA Cluster
-
- Cisco ASDM Cluster Dashboards
- Cluster Configuration Using Cisco ASDM
- Cisco ASDM High Availability and Scalability Wizard
- Cisco ASDM ASA Cluster Pane
-
-
- Lesson 5: Verifying Cisco ASA Cluster Operations
-
- Cluster Licensing
- Cluster Interface-Mode Verification
- Cluster Member-Status Verification
- Cluster Health-Status Verification
- Cluster Connections State Table Verification
- Cluster EtherChannel Status Verification
- Cluster Aggregated ACL Hit-Count Verification
- Cluster Memory and CPU Usage Verification
- Cluster Traffic-Distribution Verification
- TCP Flow-Rebalancing Verification
- Cluster Operation Verification Using ASDM
-
-
- Lesson 6: Troubleshooting Cisco ASA Cluster Operations
-
- Cluster Packet Captures
- Cluster Syslog Messages
- Cluster Debug
- Cluster Crashinfo and Coredump
- Split-Cluster Scenario
-
- Lesson 7: Describing Cisco ASA Version 9.1.4 and Later Clustering Features
-
- More Switches Support for Clustering
- ASA 5500-X Clustering Support (v9.1.4+)
- 16 Units Cluster with 32 Active Members Port Channel Support (v9.2.1+)
- BGP Support with Clustering (v9.3.1+)
- Cluster Selective Interface Monitoring Support (v9.4.1+)
- Individual Mode Inter-DC Clustering: Routed Firewall Mode Only (v9.1.4+)
- Extended Spanned EtherChannel for Inter-DC Clustering: Transparent Firewall Mode Only (v9.2.1+)
- Spilt Spanned EtherChannel Inter-DC Clustering: Transparent Firewall Mode Only (v9.2.1+)
- Inter-DC Redundancy with a Split Cluster