Oreilly - Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop)
by Omar Santos | Publisher: Cisco Press | Release Date: May 2015 | ISBN: 9780134190969
More than 6 hours of video instruction More than 6 hours of video training on Cisco ASA 5500-X Series Next-Generation Firewalls. The workshop covers everything from initial design to advanced configuration and troubleshooting. Description Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is an engaging and unique video course taught in front of a live audience. Omar Santos, senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT) and co-author of Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, teaches you the skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls and FirePOWER services with Advanced Malware Protection (AMP). This workshop, taught in front of a live audience, introduces Cisco ASA solutions to overcoming obstacles by providing complete configuration and troubleshooting guidance. Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons (Workshop) is the definitive insider's guide to planning, installing, configuring, and maintaining the new Cisco ASA firewall features.  Major topics include Lesson 1: Introduction to the Cisco ASA Lesson 2: Firewall Modes Lesson 3: Multiple Context Mode Lesson 4: Basic Settings Lesson 5: Network Address Translation (NAT)  Lesson 6: Controlling Access  Lesson 7: IP Routing  Lesson 8: Authentication, Authorization, Accounting (AAA) Support Lesson 9: Cisco ASAv  Lesson 10: High Availability Lesson 11: Application Layer Protocol Inspection Lesson 12: Logging  Lesson 13: NetFlow Support Lesson 14: Cisco ASA with FirePOWER Services Lesson 15: Threat Detection Question and Answer Session About the InstructorOmar Santos is a senior incident manager and the technical leader of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has more than 19 years of experience (15 at Cisco) working with information technology and cybersecurity. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.  Omar is an active member of the security community, where he leads several industry-wide initiatives and standard bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of critical infrastructure. Omar is the author of four books, numerous whitepapers, articles, and security configuration guidelines and best practices. Omar has also delivered numerous technical presentations at conferences and to Cisco customers and partners, as well as many C-level executive presentations to many organizations.  Author of numerous Cisco Press books, including  Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services, Third Edition Network Security with NetFlow and IPFIX: Big Data Analytics for Information Security (to be published in 2015) Cisco Network Admission Control, Volume II: NAC Deployment and TroubleshootingEnd-to-End Network Security: Defense-in-DepthSkill Level Beginning to Intermediate: This video title encompasses topics from an introductory level to advanced topics on security and next-generation firewall capabilities. What You Will Learn The skills you need to design, configure, and troubleshoot the firewall features of the Cisco ASA 5500-X Series Next-Generation Firewalls. Who Should Take This Course Security professions; network professionals who manage network security and install and configure Cisco ASA firewalls.  Course Requirements Students must be familiar with general networking and security topics, including FirewallsIntrusion detection and intrusion prevention systemsLAN switching technologiesIP addressing (IPv4 and IPv6)IP routing technologies (RIP, OSPF, EIGRP, BGP, and so on)IP services (DHCP, NAT, ACLs, and so on)Basic troubleshooting  The LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more.  View all LiveLessons on InformIT at http://www.informit.com/livelessons.
- Introduction
- Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Introduction 00:01:12
- Lesson 1: Introduction to the Cisco ASA
- 1.1 Cisco ASA Product and Solution Overview 00:02:47
- 1.2 Model Comparison 00:06:14
- 1.3 Introduction to Feature Licenses 00:04:45
- 1.4 Shared and Backup License Server 00:02:47
- 1.5 Accessing the Console for Command-Line Interface 00:05:50
- 1.6 Accessing the ASA Services Module Console 00:01:57
- 1.7 Accessing the ASAv Console 00:02:24
- 1.8 Configuring ASDM Access for Appliances and the ASAv 00:04:50
- 1.9 Configuring ASDM Access for the ASA Services Module 00:00:32
- Lesson 2: Firewall Modes
- 2.1 Introducing the Routed Firewall Mode 00:02:42
- 2.2 How Data Moves Through the ASA in Routed Firewall Mode 00:02:28
- 2.3 How Data Moves Through the ASA in Transparent Firewall Mode 00:02:27
- 2.4 Guidelines and Limitations 00:00:54
- 2.5 Configuring the Firewall Mode 00:01:16
- 2.6 Configuring ARP Inspection for the Transparent Firewall 00:00:58
- Lesson 3: Multiple Context Mode
- 3.1 Introduction to Security Contexts 00:02:20
- 3.2 Common Uses for Security Contexts 00:03:20
- 3.3 How the ASA Classifies Packets 00:04:07
- 3.4 Cascading Security Contexts 00:01:34
- 3.5 Management Access to Security Contexts 00:02:53
- 3.6 Information About Resource Management 00:01:59
- 3.7 Information About MAC Addresses 00:02:00
- 3.8 Licensing Requirements for Multiple Context Mode 00:01:10
- 3.9 Configuring Multiple Contexts 00:03:56
- 3.10 Managing Security Contexts 00:02:29
- Lesson 4: Basic Settings
- 4.1 Setting the Hostname, Domain Name, and Passwords 00:04:23
- 4.2 Password Recovery 00:04:04
- 4.3 Setting the Date, Time, and Configuring the ASA with an NTP Server 00:04:02
- 4.4 Configuring DHCP Services 00:02:42
- 4.5 Configuring the DHCPv4 Relay Agent 00:02:57
- 4.6 Configuring the DHCPv6 Relay Agent 00:01:03
- Lesson 5: Network Address Translation
- 5.1 NAT in Routed and Transparent Mode 00:04:54
- 5.2 Static NAT 00:03:58
- 5.3 Dynamic NAT 00:03:54
- 5.4 Dynamic PAT 00:05:35
- 5.5 Identity NAT 00:00:50
- 5.6 Twice NAT 00:04:05
- 5.7 NAT Troubleshooting 00:04:39
- Lesson 6: Controlling Network Access
- 6.1 Introduction to Access Control Lists (ACLs) 00:09:19
- 6.2 Basic ACL Configuration and Management Options 00:06:46
- 6.3 Standard ACLs 00:01:07
- 6.4 Webtype ACLs 00:01:01
- 6.5 EtherType ACLs 00:01:13
- 6.6 Time-Based ACLs 00:01:52
- 6.7 Configuring an ACL in ASDM 00:02:20
- 6.8 Monitoring ACLs 00:00:44
- Lesson 7: IP Routing
- 7.1 How Routing Behaves Within the ASA 00:02:07
- 7.2 Supported Internet Protocols for Routing 00:01:27
- 7.3 How the Routing Table is Populated 00:02:34
- 7.4 Dynamic Routing in Failover and Clustering 00:02:26
- 7.5 Dynamic Routing in Multiple Context Mode 00:02:19
- 7.6 Static and Default Routes 00:01:55
- 7.7 OSPF Support 00:02:13
- 7.8 Configuring OSPFv2 00:07:03
- 7.9 Configuring OSPFv3 00:01:04
- 7.10 Monitoring and Troubleshooting OSPF 00:03:18
- 7.11 Configuring EIGRP 00:07:16
- 7.12 Monitoring and Troubleshooting EIGRP 00:02:43
- 7.13 BGP Support 00:01:42
- 7.14 Configuring BGP 00:04:07
- 7.15 Monitoring and Troubleshooting BGP 00:03:01
- 7.16 RIP Support 00:01:19
- 7.17 Configuring RIP 00:01:39
- 7.18 Monitoring and Troubleshooting RIP 00:02:03
- Lesson 8: Authentication, Authorization, Accounting (AAA) Support
- 8.1 Supported Authentication Methods 00:04:03
- 8.2 Configuring Local Users 00:02:28
- 8.3 Configuring RADIUS 00:04:42
- 8.4 Monitoring and Troubleshooting RADIUS 00:06:15
- 8.5 Configuring LDAP 00:03:49
- 8.6 Monitoring and Troubleshooting LDAP 00:01:41
- 8.7 Configuring AAA for Management Access 00:01:47
- 8.8 Configuring AAA for Firewall Connections 00:03:54
- Lesson 9: Cisco ASAv
- 9.1 Introducing the ASAv 00:05:58
- 9.2 ASAv Interface Configuration 00:08:15
- 9.3 Monitoring the ASAv 00:01:38
- 9.4 Troubleshooting Tips When Deploying the ASAv 00:01:34
- Lesson 10: High Availability
- 10.1 Failover Overview and System Requirements 00:04:42
- 10.2 Failover Health Monitoring and Design Details 00:07:38
- 10.3 Configuring Active/Standby Failover 00:05:05
- 10.4 Configuring Active/Active Failover 00:04:15
- 10.5 Troubleshooting Failover Configurations 00:04:10
- 10.6 Introduction to ASA Clustering 00:07:30
- 10.7 Data Interface Modes 00:09:04
- 10.8 Clustering Packet Flow 00:04:03
- 10.9 Configuring Clustering 00:22:17
- 10.10 Inter Data Center ASA Clustering 00:09:57
- 10.11 Monitoring and Troubleshooting the ASA Cluster 00:03:13
- Lesson 11: Application Layer Protocol Inspection
- 11.1 How Inspection Engines Work 00:01:53
- 11.2 Using the Modular Policy Framework 00:05:07
- 11.3 Application Inspection Support 00:03:20
- 11.4 Configuring Application Inspection 00:08:15
- Lesson 12: Logging
- 12.1 Introduction to Logging 00:02:16
- 12.2 Logging in Multiple Context Mode 00:01:37
- 12.3 Syslog Message Analysis and Severity Levels 00:03:46
- 12.4 Configuring Logging 00:06:02
- Lesson 13: NetFlow Support
- 13.1 NetFlow Introduction 00:05:39
- 13.2 Enabling NetFlow Secure Event Logging (NSEL) 00:02:08
- 13.3 Troubleshooting NetFlow 00:01:51
- Lesson 14: Cisco ASA with FirePOWER Services
- 14.1 Introduction to FirePOWER Services 00:04:34
- 14.2 Inline Mode vs. Passive Mode 00:03:02
- 14.3 Management Access 00:01:55
- 14.4 Installing/Re-imaging the FirePOWER Module 00:11:01
- 14.5 Configuring the Cisco ASA FirePOWER Module 00:05:22
- 14.6 Adding the ASA FirePOWER to the FireSIGHT Management Center 00:01:39
- 14.7 Redirecting Traffic to the ASA FirePOWER Module 00:02:33
- 14.8 FireSIGHT Management Console 00:05:13
- Lesson 15: Threat Detection
- 15.1 Basic Threat Detection Statistics 00:02:37
- 15.2 Configuring Advanced Threat Detection Statistics 00:01:34
- 15.3 Configuring Scanning Threat Detection 00:01:34
- 15.4 Monitoring Threat Detection 00:02:48
- Summary
- Cisco ASA 5500-X Series Next-Generation Firewalls LiveLessons--Workshop: Summary 00:00:47
- Q&A Session
9780134190969.Cisco.ASA.5500X.Series.NextGeneration.Firewalls.LiveLessons.Workshop.part1.OR.rar
9780134190969.Cisco.ASA.5500X.Series.NextGeneration.Firewalls.LiveLessons.Workshop.part2.OR.rar
9780134190969.Cisco.ASA.5500X.Series.NextGeneration.Firewalls.LiveLessons.Workshop.part3.OR.rar