Cisco ASA Training

Purchase Options:

New Video Updates: In these video updates you will learn how to configure Next-Generation Firewall (NGFW) services on the Cisco ASA 5500-X series using the CX Security Module. Some of the video topics include how to inspect network traffic based on applications, micro-applications, a user’s identity (using Active Directory), file blocking, to implementing SSL/TLS Decryption among other practical topics.

The video labs in this series is applicable for Cisco ASA 5500/5500-X (1st Generation FW) and the Cisco ASA 5500-X with CX (Next-Gen FW) environments.

  1. 1st Generation Firewall Series: This video series is focused on deploying the Cisco ASA firewall appliance connected to the Internet edge using the ASDM application only. We will explain the concepts, design aspects, and how to deploy a Cisco ASA firewall in a practical scenario using the latest ASA version. You will learn some of the critical components, considerations, best practices, troubleshooting, and other valuable resources.

Also included in this package is the workbook solution (PDF format) where you will learn the concepts, design, and step-by-step configuration of the Cisco ASA firewalls using CLI. This workbook solution will also provide how to configure other Cisco Firewalls on a Cisco router using Reflexive ACL, CBAC, Zone Based Policy Firewall, the FWSM and more step-by-step.

Videos Series [~413 minutes]
Workbook Solution (using CLI) for 1st Generation Firewall Services

Video Series Length: ~413 minutes

Below are the topics included in this training package:

  1. Cisco ASA Training (Video Series) – 1st Generation Firewall Services
    1. Updates – Cisco ASA OS version 9.X
    2. Concepts and Design
    3. Initial Access
    4. Interfaces configured using VLAN tags
    5. WAN Interface and Default Gateway
    6. Cisco ASA Upgrade
    7. Cisco ASDM image upgrade
    8. Base Configuration
    9. Device Access using Telnet or SSH
    10. Disabling Proxy-ARP
    11. DHCP
    12. Static Routes
    13. PAT using WAN Interface
    14. NAT Port Redirect using WAN interface (single port, multiple ports)
    15. Static NAT
    16. Firewall Policies
    17. Firewall Policies using Object Groups
    18. ACL Manager for Firewall Policies
    19. Client IPSec VPN
    20. Cisco SSL VPN using Tunnel Mode (SVC)
    21. SSL VPN Web Portal Customization
    22. SSL VPN Troubleshooting
    23. Site-Based VPN (LAN-to-LAN)
    24. Tools: Ping, Traceroutes
    25. Viewing Firewall Connections
    26. Packet Capture
    27. Netflow and SNMP
    28. Backup and Restore
    29. Putting firewall to Factory Defaults
    30. Enabling Anti-Spoofing
    31. Basic Application Inspection
    32. Rate Limiting (Policing)
    33. EIGRP Routing
    34. OSPF Routing
    35. Active/Passive Failover
  2. Workbook Solution: Cisco ASA and Other Cisco Firewalls (IOS, FWSM)
    1. Cisco ASA 5500 Series
      1. Base Configuration
      2. Device Access (SSH, Telnet)
      3. NAT (Static, PAT, NAT Port Redirect)
      4. HTTP and ASDM
      5. ASA Image
      6. Stateful Firewall
      7. DHCP Server
      8. OSPF Routing
      9. PPPoE
      10. LDAP integration with Active Directory for Remote Access
      11. Remote Access: SSL VPN (Tunnel Mode/SVC)
      12. Remote Access: Client IPSec VPN
      13. Remote Access: L2TP over IPSec
      14. Site-Based VPN without Remote Access
      15. Site-Based VPN with Remote Access
      16. IP SLA with Dual ISP
      17. Rate Limiting (Policing)
      18. Active/Passive Failover
      19. Troubleshooting Cases
  3. Cisco ASA using CX Training (Video Series) – Next-Generation Firewall (NGFW) Services
    1. Overview and Design
    2. ASA CX Software Installation
    3. Sending Traffic from ASA to CX Security Module
    4. Basic Operations
    5. Licensing
    6. Components of the Access Policy
    7. Filtering by Network
    8. Filtering by URL
    9. Filtering by Web Browser
    10. Bandwidth Limiting
    11. SSL/TLS Decryption
    12. Filtering by User Identity (Passive Authentication)
    13. Filtering by User Identity (Active Authentication)
    14. Filtering by Applications and Micro-Applications
    15. File Blocking
    16. Backup and Restore

IMG_7397Michel Thomatis, CCIE #6778 (15 year) – Chief Network Architect & Lead Trainer

Michel has spent the last 18 years as a network engineer/architect.  As a 15-year CCIE, Michel loves the opportunity to provide training in a wide-array of network technologies. He formerly worked at Cisco, as well as in government, banking, and non-profit organizations. He has published the “Network Design Cookbook” and a science fiction novel called “The Dark End”.  He has also published various iOS applications (virtual Network Engineer, Circlefalls) that can be found on Apple’s iOS App Store.  Other software development experience includes python and SDN.  Currently, Michel is the owner, Chief Network Architect and Lead Trainer at RouteHub Group, LLC.