O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop)

Video Description

More than 6 hours of video instruction

More than 6 hours of video training on Cisco ASA 5500-X Series Next-Generation Firewalls. The workshop covers everything from initial design to advanced configuration and troubleshooting.

Description

Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is an engaging and unique video course taught in front of a live audience. Omar Santos, senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT) and co-author of Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, teaches you the skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls and FirePOWER services with Advanced Malware Protection (AMP).

This workshop, taught in front of a live audience, introduces Cisco ASA solutions to overcoming obstacles by providing complete configuration and troubleshooting guidance. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is the definitive insider's guide to planning, installing, configuring, and maintaining the new Cisco ASA firewall features. 

Major topics include

Lesson 1: Introduction to the Cisco ASA
Lesson 2: Firewall Modes
Lesson 3: Multiple Context Mode
Lesson 4: Basic Settings
Lesson 5: Network Address Translation (NAT) 
Lesson 6: Controlling Access 
Lesson 7: IP Routing 
Lesson 8: Authentication, Authorization, Accounting (AAA) Support
Lesson 9: Cisco ASAv 
Lesson 10: High Availability
Lesson 11: Application Layer Protocol Inspection
Lesson 12: Logging 
Lesson 13: NetFlow Support
Lesson 14: Cisco ASA with FirePOWER Services
Lesson 15: Threat Detection
Question and Answer Session 

About the Instructor

Omar Santos is a senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has more than 19 years of experience (15 at Cisco) working with information technology and cybersecurity. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. 

Omar is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of critical infrastructure.

Omar is the author of four books, numerous whitepapers, articles, and security configuration guidelines and best practices. Omar has also delivered numerous technical presentations at conferences and to Cisco customers and partners, as well as many C-level executive presentations to many organizations. 

Author of numerous Cisco Press books, including

  • ¬†Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, Third Edition
  • ¬†Network Security with NetFlow and IPFIX: Big Data Analytics for Information Security¬†(to be published in 2015)
  • Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting
  • End-to-End Network Security: Defense-in-Depth
Skill Level

Beginning to Intermediate: This video title encompasses topics from an introductory level to advanced topics on security and next-generation firewall capabilities.

What You Will Learn

The skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls.

Who Should Take This Course

Security professions; network professionals who manage network security and install and configure Cisco ASA firewalls. 

Course Requirements

Students must be familiar with general networking and security topics, including
  • Firewalls
  • Intrusion detection and intrusion prevention systems
  • LAN switching technologies
  • IP addressing (IPv4 and IPv6)
  • IP routing technologies (RIP, OSPF, EIGRP, BGP, and so on)
  • IP services (DHCP, NAT, ACLs, and so on)
  • Basic troubleshooting¬†

The LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. 


View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of Contents

  1. Introduction
    1. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Introduction 00:01:12
  2. Lesson 1: Introduction to the Cisco ASA
    1. 1.1 Cisco ASA Product and Solution Overview 00:02:47
    2. 1.2 Model Comparison 00:06:14
    3. 1.3 Introduction to Feature Licenses 00:04:45
    4. 1.4 Shared and Backup License Server 00:02:47
    5. 1.5 Accessing the Console for Command-Line Interface 00:05:50
    6. 1.6 Accessing the ASA Services Module Console 00:01:57
    7. 1.7 Accessing the ASAv Console 00:02:24
    8. 1.8 Configuring ASDM Access for Appliances and the ASAv 00:04:50
    9. 1.9 Configuring ASDM Access for the ASA Services Module 00:00:32
  3. Lesson 2: Firewall Modes
    1. 2.1 Introducing the Routed Firewall Mode 00:02:42
    2. 2.2 How Data Moves Through the ASA in Routed Firewall Mode 00:02:28
    3. 2.3 How Data Moves Through the ASA in Transparent Firewall Mode 00:02:27
    4. 2.4 Guidelines and Limitations 00:00:54
    5. 2.5 Configuring the Firewall Mode 00:01:16
    6. 2.6 Configuring ARP Inspection for the Transparent Firewall 00:00:58
  4. Lesson 3: Multiple Context Mode
    1. 3.1 Introduction to Security Contexts 00:02:20
    2. 3.2 Common Uses for Security Contexts 00:03:20
    3. 3.3 How the ASA Classifies Packets 00:04:07
    4. 3.4 Cascading Security Contexts 00:01:34
    5. 3.5 Management Access to Security Contexts 00:02:53
    6. 3.6 Information About Resource Management 00:01:59
    7. 3.7 Information About MAC Addresses 00:02:00
    8. 3.8 Licensing Requirements for Multiple Context Mode 00:01:10
    9. 3.9 Configuring Multiple Contexts 00:03:56
    10. 3.10 Managing Security Contexts 00:02:29
  5. Lesson 4: Basic Settings
    1. 4.1 Setting the Hostname, Domain Name, and Passwords 00:04:23
    2. 4.2 Password Recovery 00:04:04
    3. 4.3 Setting the Date, Time, and Configuring the ASA with an NTP Server 00:04:02
    4. 4.4 Configuring DHCP Services 00:02:42
    5. 4.5 Configuring the DHCPv4 Relay Agent 00:02:57
    6. 4.6 Configuring the DHCPv6 Relay Agent 00:01:03
  6. Lesson 5: Network Address Translation
    1. 5.1 NAT in Routed and Transparent Mode 00:04:54
    2. 5.2 Static NAT 00:03:58
    3. 5.3 Dynamic NAT 00:03:54
    4. 5.4 Dynamic PAT 00:05:35
    5. 5.5 Identity NAT 00:00:50
    6. 5.6 Twice NAT 00:04:05
    7. 5.7 NAT Troubleshooting 00:04:39
  7. Lesson 6: Controlling Network Access
    1. 6.1 Introduction to Access Control Lists (ACLs) 00:09:19
    2. 6.2 Basic ACL Configuration and Management Options 00:06:46
    3. 6.3 Standard ACLs 00:01:07
    4. 6.4 Webtype ACLs 00:01:01
    5. 6.5 EtherType ACLs 00:01:13
    6. 6.6 Time-Based ACLs 00:01:52
    7. 6.7 Configuring an ACL in ASDM 00:02:20
    8. 6.8 Monitoring ACLs 00:00:44
  8. Lesson 7: IP Routing
    1. 7.1 How Routing Behaves Within the ASA 00:02:07
    2. 7.2 Supported Internet Protocols for Routing 00:01:27
    3. 7.3 How the Routing Table is Populated 00:02:34
    4. 7.4 Dynamic Routing in Failover and Clustering 00:02:26
    5. 7.5 Dynamic Routing in Multiple Context Mode 00:02:19
    6. 7.6 Static and Default Routes 00:01:55
    7. 7.7 OSPF Support 00:02:13
    8. 7.8 Configuring OSPFv2 00:07:03
    9. 7.9 Configuring OSPFv3 00:01:04
    10. 7.10 Monitoring and Troubleshooting OSPF 00:03:18
    11. 7.11 Configuring EIGRP 00:07:16
    12. 7.12 Monitoring and Troubleshooting EIGRP 00:02:43
    13. 7.13 BGP Support 00:01:42
    14. 7.14 Configuring BGP 00:04:07
    15. 7.15 Monitoring and Troubleshooting BGP 00:03:01
    16. 7.16 RIP Support 00:01:19
    17. 7.17 Configuring RIP 00:01:39
    18. 7.18 Monitoring and Troubleshooting RIP 00:02:03
  9. Lesson 8: Authentication, Authorization, Accounting (AAA) Support
    1. 8.1 Supported Authentication Methods 00:04:03
    2. 8.2 Configuring Local Users 00:02:28
    3. 8.3 Configuring RADIUS 00:04:42
    4. 8.4 Monitoring and Troubleshooting RADIUS 00:06:15
    5. 8.5 Configuring LDAP 00:03:49
    6. 8.6 Monitoring and Troubleshooting LDAP 00:01:41
    7. 8.7 Configuring AAA for Management Access 00:01:47
    8. 8.8 Configuring AAA for Firewall Connections 00:03:54
  10. Lesson 9: Cisco ASAv
    1. 9.1 Introducing the ASAv 00:05:58
    2. 9.2 ASAv Interface Configuration 00:08:15
    3. 9.3 Monitoring the ASAv 00:01:38
    4. 9.4 Troubleshooting Tips When Deploying the ASAv 00:01:34
  11. Lesson 10: High Availability
    1. 10.1 Failover Overview and System Requirements 00:04:42
    2. 10.2 Failover Health Monitoring and Design Details 00:07:38
    3. 10.3 Configuring Active/Standby Failover 00:05:05
    4. 10.4 Configuring Active/Active Failover 00:04:15
    5. 10.5 Troubleshooting Failover Configurations 00:04:10
    6. 10.6 Introduction to ASA Clustering 00:07:30
    7. 10.7 Data Interface Modes 00:09:04
    8. 10.8 Clustering Packet Flow 00:04:03
    9. 10.9 Configuring Clustering 00:22:17
    10. 10.10 Inter Data Center ASA Clustering 00:09:57
    11. 10.11 Monitoring and Troubleshooting the ASA Cluster 00:03:13
  12. Lesson 11: Application Layer Protocol Inspection
    1. 11.1 How Inspection Engines Work 00:01:53
    2. 11.2 Using the Modular Policy Framework 00:05:07
    3. 11.3 Application Inspection Support 00:03:20
    4. 11.4 Configuring Application Inspection 00:08:15
  13. Lesson 12: Logging
    1. 12.1 Introduction to Logging 00:02:16
    2. 12.2 Logging in Multiple Context Mode 00:01:37
    3. 12.3 Syslog Message Analysis and Severity Levels 00:03:46
    4. 12.4 Configuring Logging 00:06:02
  14. Lesson 13: NetFlow Support
    1. 13.1 NetFlow Introduction 00:05:39
    2. 13.2 Enabling NetFlow Secure Event Logging (NSEL) 00:02:08
    3. 13.3 Troubleshooting NetFlow 00:01:51
  15. Lesson 14: Cisco ASA with FirePOWER Services
    1. 14.1 Introduction to FirePOWER Services 00:04:34
    2. 14.2 Inline Mode vs. Passive Mode 00:03:02
    3. 14.3 Management Access 00:01:55
    4. 14.4 Installing/Re-imaging the FirePOWER Module 00:11:01
    5. 14.5 Configuring the Cisco ASA FirePOWER Module 00:05:22
    6. 14.6 Adding the ASA FirePOWER to the FireSIGHT Management Center 00:01:39
    7. 14.7 Redirecting Traffic to the ASA FirePOWER Module 00:02:33
    8. 14.8 FireSIGHT Management Console 00:05:13
  16. Lesson 15: Threat Detection
    1. 15.1 Basic Threat Detection Statistics 00:02:37
    2. 15.2 Configuring Advanced Threat Detection Statistics 00:01:34
    3. 15.3 Configuring Scanning Threat Detection 00:01:34
    4. 15.4 Monitoring Threat Detection 00:02:48
  17. Summary
    1. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Summary 00:00:47
  18. Q&A Session
    1. Q&A Session 00:15:00