Videos in course:
Total Course Duration: 13:22:49 - H: M: S
Firewall v2.0 Introduction 00:13:48
The Adaptive Security Appliance (ASA) is a vital cornerstone in Cisco's security portfolio, and when properly implemented and managed can reduce the overall risk to a company. This introduction video identifies who the series was created for, what to expect from it and how to get the most out of it.
Out of the Box 00:36:44
Before we can implement the advanced features of the Adaptive Security Appliance (ASA), which include stateful packet filtering, application layer inspection, user-based access control, AAA, BotNet filtering, IPsec and SSL VPNs, redundant interfaces, etherchannel, multicast and routing protocols, NAT, transparent firewall, multiple context firewall (virtual firewalls), or High Availability (HA) with failover, we need to first have management access to the ASA. In this video, Keith walks you through how to do an image recovery of an ASA that doesn't have a valid OS image on flash, and then proceeds to take you step by step in bootstrapping the ASA with enough configuration to allow access by the ASA Security Device Manager (ASDM).
Maps to CCNP Firewall 642-618 objectives: Manage the ASA boot process; Implement ASA interface settings.
ASA & ASDM Essentials 00:53:59
What else needs to be done, to get an ASA up and functioning in the network? This Nugget answers that, as Keith walks you through configuring a second interface and configuring Network Address Translation (NAT) to provide firewall services for clients. As you and Keith configure, he explains the details of why security levels (assigned to each interface) are important, and how they work in conjunction with stateful firewall services.
Maps to CCNP Firewall 642-618 objectives: Implement ASA licensing; Implement ASA interface settings; Implement ASA management features; Implement ASA access control features; Implement Network Address Translation (NAT) on the ASA.
NAT on the ASA, 8.2, 8.3 and beyond 01:11:23
What's up with NAT!?! That is a topic that comes up all the time with the current version of the ASA (8.3 and higher). The methods and configuration dramatically changed after the update from 8.2 to 8.3. In this video, Keith walks you through how NAT on the 8.2 and older versions of the ASA was configured, and then takes you through the logic and configuration of the new NAT. Concepts are reinforced by real world scenarios along with demonstration and verification of the NAT, step by step.
Maps to CCNP Firewall 642-618 objectives: Implement ASA interface settings; Implement Network Address Translation (NAT) on the ASA.
ACLs on the ASA 00:56:14
What do Public Servers, Real IP addresses, and global Access Control Lists (ACLs) all have in common? They are all new features in version 8.3, 8.4 and higher of the ASA, and critical to know. Have no fear, in this video, Keith introduces the ACL options including when and where to use them. Demonstration and verification are done to reinforce both the concepts and the configuration steps.
Maps to CCNP Firewall 642-618 objectives: Implement ASA access control features; Implement NAT on the ASA; Implement ASDM public server feature.
Routing on the ASA 00:23:44
When the ASA considers forwarding a packet, it uses its routing table to determine the exit interface and the next hop router (if the destination is not directly connected). Based on the interfaces involved, the appropriate rules are considered, such as the security levels or ACLs involved. Training the ASA to learn about remote networks can be done in a few ways, and in this Nugget, Keith walks you through each of the methods including static routing, RIP, EIGRP and OSPF. Multicast routing capabilities of the ASA are also discussed in this video.
Maps to CCNP Firewall 642-618 objectives: Implement ASA static routing; Implement ASA dynamic routing.
MPF 101 00:54:54
Modular Policy Framework (MPF) is used to implement additional Layer 3 and Layer 4 actions on the packets that flow through the ASA. MPF actions include implementing Quality of Service (QoS), policing, application inspection (such as looking for additional ports that may need to be allowed through the ASA for an application to work), changing TCP connection thresholds (such as limiting the number of half-formed sessions allowed through the firewall), and much more. Keith demonstrates real-world scenarios where MPF is required and discusses both the CLI and ASDM implementation of policies using the class maps, policy maps and a service policy (which are the "framework" in Modular Policy Framework (MPF).
Maps to CCNP Firewall 642-618 objectives: Implement ASA inspections features.
TCP Advanced Options 00:39:34
Not all traffic is simple, and some traffic is intentionally malicious. In this video you and Keith discuss some of the advanced TCP challenges facing the ASA including asymmetrical routing conditions, TCP options that the ASA would normally remove (but are required for BGP authentication to work), and how to prevent a SYN-flood attack from taking down your critical servers. Concepts are reinforced by live demonstrations.
Maps to CCNP Firewall 642-618 objectives: Implement ASA inspections features
Layer 5-7 Advanced Inspection 00:43:02
What is being hidden behind TCP port 80? We assume it is valid HTTP, but how do we know for sure? Users could be tunneling non-http traffic over port 80 and malicious code on web servers could return data to clients that the browser had not asked for. To address these problems, the ASA allows for Layer 5-7 (TCP/IP application layer) advanced protocol inspection to keep an eye on those protocols and to enforce RFC compliance and/or filter what commands may be issued by the application layer protocol. In this video, Keith walks you through CLI and ASDM commands to implement and verify this feature.
Maps to CCNP Firewall 642-618 objectives: Implement ASA inspections features
Interfaces: Sub, Ether-channel and Redundant 00:39:39
Sometimes, using a single physical interface to support a single IP subnet just isn't enough. For example, if we need interfaces to support 25 subnets, but only have 8 physical interfaces, or when we need 4 times the bandwidth of our fastest interface, or when we need redundancy for a single interface. In this video, Keith describes each of these requirements and demonstrates how to implement the solution on the ASA firewall by using sub-interfaces, L3 Ether-channel and a redundant interfaces.
Maps to CCNP Firewall 642-618 objectives: Implement ASA Interface redundancy and load sharing features
Transparent Firewall 00:57:50
The ASA has a nice trick up its sleeve, in that it can be inserted into an existing network and leave the existing routers and IP addressing in place. It does this by converting to a layer 2 device from an IP perspective, but still maintains its ability to do stateful inspection at the higher layers. In this video Keith walks you through the options of using this feature by explaining and demonstrating the transparent firewall on both the ASA 5505, and the larger 5520.
Maps to CCNP Firewall 642-618 objectives: Implement ASA transparent firewall
AAA on the ASA 00:47:43
"Who, do you think you are? What do you think you are doing? That is getting reported." Those are the types of activities that go on all day long in a network where Authentication, Authorization and Accounting (AAA) are in use. In this Nugget, Keith walks you through the two major categories of users that need to be tracked using AAA, and then demonstrates how to implement the AAA features of management and cut-through proxy on the ASA.
Maps to CCNP Firewall 642-618 objectives: Implement ASA management features; Implement ASA access control features
Active/Standby Failover 00:50:47
Got HA? High Availability (HA) can be implemented on the ASA when there are 2 ASA firewalls, with appropriate licensing. One fault tolerant method is to use "Active/Standby Failover," and in this video, Keith describes how this works and demonstrates how to implement it from both the ASDM interface and the CLI.
Maps to CCNP Firewall 642-618 objectives: Implement ASA stateful failover
Virtual Firewalls (contexts) 00:51:16
Even with only one physical firewall, the option exists to create multiple logical firewalls using only a single ASA. In this video Keith discusses with you some reasons why we might want to place a firewall into "multiple mode", and then uses the CLI and ASDM to create and verify new contexts (virtual firewalls).
Maps to CCNP Firewall 642-618 objectives: Implement ASA virtualization feature
Active/Active Failover 01:06:28
High Availability (HA) using failover can be implemented using Active/Active when ASAs are configured in multiple mode. One of the benefits is that both firewalls can be configured to actively forward traffic and have the option of implementing some load sharing along with the fault tolerance. In this video, Keith walks you through the reasons, the logic and the configuration needed to implement Active/Active failover as well as verifying it.
Maps to CCNP Firewall 642-618 objectives: Implement ASA stateful failover
Botnet Filtering 00:17:05
Malware installed on a computer can allow an attacker to centrally control that device as part of an army of compromised hosts to form a botnet. The ASA has the option to work with a Cisco centralized database of IP addresses and domains that have been identified as being part of a botnet, so that the ASA can prevent traffic to and from those addresses. In this video, Keith discusses the steps to configure and enable botnet filtering.
Maps to CCNP Firewall 642-618 objectives: Implement ASA Botnet traffic filter
Management, Logging, Anti-spoofing and More... 00:46:47
What protocols are being allowed to the ASA for management, and where are logging messages being sent? In this video, Keith walks you through implementing security regarding management of the ASA, as well as the options of setting up logging to one of several destinations including email, syslog and ASDM. Unicast Reverse Path Filtering (uRPF) and the "established" command, including their purpose, are in this video.
Maps to CCNP Firewall 642-618 objectives: Implement ASA management features; Implement ASA access control features
GNS3 and the ASA 00:31:52
GNS3 is a free emulation environment that can be used to practice various vendors products, including Cisco and their routers. Until mid-2012, Firewall/ASA emulation was not easy to implement as it didn't always work correctly, when it worked at all in a virtual environment such as GNS3. With the current release of GNS3, the ASA ver 8.4 of software and associated ASDM can work very well in GNS3. In this video, Keith walks you through the list of tools and software that can be used to create a hands-on practice lab using GNS3.
==================================================
This DVDs are only suitable for a PC/laptop/Mac; it WILL NOT play on a TV
==================================================
Payment mode : Pay on my account ,Buying via ebay or Paypal
Shipping : By Courier through all over India
Shipping charge : Rs 50/- Flat Rate shipping anywhere in India
You can get with in two days
Any Advanced Graphic Design Software Tutorials, IT Software Tutorials, Multimedia Software Tutorials, All Engineering purpose Software Tutorials & All Software Tutorials Available
For more details
Email : digitalcollections4u@gmail.com
https://www.facebook.com/TutorialsDvDs
No comments:
Post a Comment