SASAC (IMPLEMENTING CORE CISCO ASA SECURITY) 1.0

Documentos relacionados
SIMOS (IMPLEMENTING CISCO SECURE MOBILITY) 1.0

CANAC (IMPLEMENTING CISCO NAC APPLIANCE) 2.1

Designing and Implementing a Server Infrastructure (20413)

Administering Windows Server 2012 (20411)

Curso: Percurso CCNP Engenharia de Redes Cisco

Installing and Configuring Windows Server 2012 (20410)

NMENPI (MANAGING ENTERPRISE NETWORKS WITH CISCO PRIME INFRASTRUCTURE) 2.x

Implementing Cisco Service Provider Next- Generation Core Network Services (SPCORE)

Installing and Configuring Windows Server 2012 (20410)

NGIPS (IMPLEMENTING IPS (SOURCEFIRE) FIREPOWER&FIRESIGHT AND INTEGRATION NGFW ASA) 1.0

20741: Networking with Windows Server Sobre o curso. Microsoft - Servidores. Promoção: 405 de desconto nesta edição Valor com campanha: 1.

Deploying and Managing Windows 10 Using Enterprise Services ( )

IINS (IMPLEMENTING CISCO IOS NETWORK SECURITY) 3.0

Administering Microsoft Exchange Server 2016 ( )

Core Solutions of Microsoft Skype for Business 2015 (20334)

Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools (20398)

ASA: Acesso remoto do modo do Multi-contexto (AnyConnect) VPN

SEGURANÇA APLICADA MATERIAL 19

Configurar o 2.1 ISE e a verificação da postura USB de AnyConnect 4.3

Supporting and Troubleshooting Windows 10 (10982)

Handson Cisco IOS VPN. (Guião CE1 - Parte 2)

Características do Grupo-fechamento ASA e de Cisco IOS e atributos AAA e exemplo de configuração WebVPN

ASA/PIX: IP Estático que endereça para o cliente do IPSec VPN com CLI e exemplo da configuração ASDM

Designing and Deploying Microsoft Exchange Server 2016 ( )

VMware vsphere: Install, Configure, Manage [v6.5] (VWVSICM6.5)

Installation, Storage, and Compute with Windows Server 2016 (20740)

Configurando IPSec Router para Router com Sobrecarga NAT e Cisco Secure VPN Client

Installation, Storage, and Compute with Windows Server 2016 (20740)

Microsoft Azure Fundamentals (10979)

Configurando IPSec entre três roteadores usando endereços privados

Configurando o roteador para roteador do IPsec com sobrecarga e Cisco Secure VPN Client NAT

Updating Your SQL Server Skills to Microsoft SQL Server 2014 (10977)

Configurando uma rede privado para privado de túnel IPSec de roteador com NAT e uma estática

AnyConnect sobre IKEv2 ao ASA com AAA e certificado de autenticação

Autenticação do proxy de autenticação de partida - Nenhuma Cisco IOS Firewall ou configuração de NAT

Permita o acesso ao Internet para o módulo ips ASA 5500-X

Configurar a postura da versão 1.4 ISE com Microsoft WSUS

Guia de distribuição vagueando do módulo da Segurança de AnyConnect OpenDNS

Sistemas Informáticos Cisco Certified Networking Academy (v5.0)

Designing Solutions for Microsoft SQL Server 2014 (20465)

Configuração do acesso remoto VPN de AnyConnect em FTD

FTD: Como permitir a configuração do desvio do estado TCP usando a política de FlexConfig

Configurar a postura ASA VPN com CSD, DAP e AnyConnect 4.0

Postura da versão ASA VPN com exemplo de configuração ISE

Cisco ASA Firewall Guia Prático

Configurando IPSec - Cisco Secure VPN Client para acesso de controle do roteador central

Cisco IOS Router: Local, TACACS+ e autenticação RADIUS do exemplo de configuração da conexão de HTTP

ASDM 6.4: Túnel do VPN de Site-para-Site com exemplo de configuração IKEv2

Exemplo de Configuração do PIX/ASA como um Servidor VPN Remoto com Autenticação Estendida Usando a Interface de Linha de Comando e o ASDM

PIX/ASA 7.x ASDM: Restrição do Acesso à Rede de Usuários de VPN de Acesso Remoto

Exemplo de Configuração de Roteador que Permite Clientes VPN se Conectarem via IPsec e à Internet Usando a Separação de Túneis

Balanceamento de Carga de NAT no IOS para Duas Conexões de ISP

CompTIA A+ Essentials (CA+)

SWITCH (IMPLEMENTING CISCO IP SWITCHED NETWORKS) 2.0

Configurar um server público com Cisco ASDM

Transcrição:

SASAC (IMPLEMENTING CORE CISCO ASA SECURITY) 1.0 Objetivo Este curso capacita um administrador de rede para implantar uma solução de firewall Cisco utilizando o ASA. Após a conclusão deste curso, o aluno será capaz de atender a esses objetivos gerais: Explicar as características essenciais do núcleo de serviços do Cisco ASA 5500-X Firewalls; Descrever e implantar a conectividade básica e o gerenciamento; Descrever e implantar a integração básica na rede; Descrever e implantar controles básicos de política; Descrever e implantar os componentes de VPN mais comuns; Descrever e implantar soluções de VPN Client-Less SSL; Descrever e implantar soluções de VPN Full-Tunnel com Cisco AnyConnect. Público Alvo O público principal deste curso é composto por: Os engenheiros de rede e operadores que prestam suporte em soluções utilizando a versão 9.x do Cisco ASA. Pré-Requisitos Os conhecimentos e habilidades que o aluno deve ter antes de participar deste curso são os seguintes: Certificação CCNA ou conhecimentos equivalentes; Ter participado nos cursos Firewall 1.0 ou firewall v2.0, ou possuír conhecimentos equivalentes. Carga Horária 40 horas (5 dias). Conteúdo Programático Cisco ASA Adaptive Security Appliance Essentials Evaluating Cisco ASA Adaptive Security Appliance Technologies Firewall Technologies Cisco ASA Adaptive Security Appliance Features Identifying Cisco ASA Adaptive Security Appliance Models Cisco ASA Adaptive Security Appliance Hardware Identifying Cisco ASA Adaptive Security Appliance Licensing Options Cisco ASA Adaptive Security Appliance Licensing Options Cisco ASA Adaptive Security Appliance Licensing Requirements Basic Connectivity and Device Management Preparing the Cisco ASA Adaptive Security Appliance for Network Integration

Managing the Cisco ASA Adaptive Security Appliance Boot Process Managing the Cisco ASA Adaptive Security Appliance Using the CLI Managing the Cisco ASA Adaptive Security Appliance Using Cisco ASDM Navigating Basic Cisco ASDM Features Managing the Cisco ASA Adaptive Security Appliance Basic Upgrade Managing Basic Cisco ASA Adaptive Security Appliance Network Settings Managing Cisco ASA Adaptive Security Appliance Security Levels Configuring and Verifying Basic Connectivity Parameters Configuring and Verifying Interface VLANs Configuring a Default Route Configuring and Verifying the Cisco ASA Security Appliance DHCP Server Troubleshooting Basic Connectivity Network Integration Configuring Cisco ASA Adaptive Security Appliance NAT Features NAT on Cisco ASA Security Appliances Configuring Object (Auto) NAT Configuring Manual NAT Tuning and Troubleshooting NAT on the Cisco ASA Adaptive Security Appliance Configuring Cisco ASA Adaptive Security Appliance Basic Access Control Features Connection Table and Local Host Table Configuring and Verifying Interface ACLs Configuring and Verifying Global ACLs Configuring and Verifying Object Groups Configuring and Verifying Public Servers Configuring and Verifying Other Basic Access Controls Troubleshooting ACLs Configuring Cisco ASA Adaptive Security Appliance Routing Features Static Routing Dynamic Routing EIGRP Configuration and Verification Multicast Support Cisco ASA Adaptive Security Appliance Policy Controls Defining the Cisco ASA Adaptive Security Appliance MPF Cisco MPF Overview Configuring and Verifying Layer 3 and Layer 4 Policies Configuring and Verifying a Policy for Management Traffic Configuring Cisco ASA Adaptive Security Appliance Advanced Application Inspections Layer 5 to Layer 7 Policy Control Overview Configuring and Verifying HTTP Inspection Configuring and Verifying FTP Inspection Supporting Other Layer 5 to Layer 7 Applications Troubleshooting Application Layer Inspection

Cisco ASA Adaptive Security Appliance VPN Common Components VPN Overview VPN Definition Key Threats to WANs and Remote Access VPN Types VPN Components Implementing Profiles, Group Policies, and User Policies Cisco ASA VPN Policy Configuration Cisco ASA Adaptive Security Appliance Connection Profiles Cisco ASA Adaptive Security Appliance Group Policies Cisco ASA VPN AAA and External Policy Storage Cisco ASA Adaptive Security Appliance User Attributes Access Control Methods VPN Accounting Using External Servers DAP for SSL VPN Implementing PKI Services Using PKI Provisioning Server-Side Certificates on the Cisco ASA Adaptive Security Appliance CA Servers Deploying Client-Based Certificate Authentication SCEP Proxy Operations Enable Certificate Authentication in Connection Profile Configuring Certificate-to-Connection Profile Mappings Cisco Clientless VPN Solution Introducing Clientless SSL VPN Cisco Clientless SSL VPN Cisco Clientless SSL VPN Use Cases Cisco Clientless SSL VPN Resource Access Methods Secure Sockets Layer and Transport Layer Security SSL Session Setup and Key Management SSL Server Authentication SSL Client Authentication SSL Transmission Protection Deploying Basic Cisco Clientless SSL VPN on the Cisco ASA Adaptive Security Appliance Basic Cisco Clientless SSL VPN Server Authentication in Basic Clientless SSL VPN Client-Side Authentication in Basic Clientless SSL VPN Clientless SSL VPN URL Entry and Bookmarks Basic Access Control for Clientless SSL VPN Disabling Content Rewriting Basic Clientless SSL VPN Configuration Tasks Basic Clientless SSL VPN Configuration Scenario Configuring Basic Cisco Clientless SSL VPN Verifying Basic Cisco Clientless SSL VPN

Troubleshooting Basic Clientless SSL VPN Opera Deploying Application Access in Cisco Clientless SSL VPN Clientless SSL VPN Application Access Overview Application Plug-Ins Configuring Application Plug-ins Verify Clientless SSL VPN Application Plug-Ins Troubleshooting Clientless SSL VPN Application Plug-Ins Smart Tunnels Configuring Smart Tunnels Verifying Smart Tunnels Troubleshoot Smart Tunnels Deploying Client-Side Authentication and Authorization in Clientless SSL VPN Client-Side Authentication Options Client-Side Authentication and Authorization Using AAA Server Double Client-Side Authentication Using AAA Servers Troubleshooting Client-Side AAA Authentication Cisco AnyConnect Full Tunnel VPN Solutions Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA Basic Cisco AnyConnect SSL VPN SSL VPN Clients Authentication SSL VPN Client IP Address Assignment SSL VPN Split Tunneling Configuration Scenario Configuration Tasks Enable Cisco AnyConnect SSL VPNs Define IP Address Pool Configure Identity NAT Configure Group Policy Configure Group Policy: Split Tunneling Configure Connection Profile Monitor Cisco AnyConnect VPN on Client Endpoint Monitor Cisco AnyConnect VPN on Server Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA Cisco AnyConnect SSL VPN Solution Components DTLS Overview Parallel DTLS and TLS Tunnels Configure DTLS Verify DTLS Cisco AnyConnect Client Configuration Management Managing Cisco AnyConnect Software from Cisco ASA Cisco AnyConnect Client Operating System Integration Options Deploying Cisco AnyConnect Trusted Network Detection Cisco AnyConnect Start Before Logon Deploying Cisco AnyConnect Start Before Logon

Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs Cisco AnyConnect Advanced Authentication Scenarios Certificate-Based Server Authentication Client Enrollment Methods Methods for Revoking Credentials Enable Certificate-Based Authentication Enable Two-Factor Authentication Two-Factor Authentication with Name Prefill Local Authorization Overview Local Authorization Configuration Procedure Configure Local Authorization Verify Local Authorization External Authorization Scenario Configure Authorization Using LDAP/AD Verify External Authorization Troubleshooting Cisco AnyConnect VPN Deploying Cisco AnyConnect IPsec/IKEv2 VPNs Cisco AnyConnect Support for IKEv2 Internet Key Exchange v1 and v2 Making IPsec the Primary Protocol for a Host Entry IKEv2 Configuration Procedure Configure a Cisco AnyConnect IPsec VPN on a Cisco ASA Appliance Verify and Troubleshoot Cisco AnyConnect IPsec VPN on Cisco ASA Appliance Cisco ASA Adaptive Security Appliance High Availability and Virtualization Configuring Cisco ASA Adaptive Security Appliance Interface Redundancy Features Configuring and Verifying EtherChannel Configuring and Verifying Redundant Interfaces Troubleshooting EtherChannel and Redundant Interfaces Configuring Cisco ASA Adaptive Security Appliance Active/Standby High Availability Failover Overview Configuration Choices, Basic Procedures, and Required Input Parameters Configuring and Verifying Active/Standby Failover Tuning and Managing Active/Standby Failover Remote Command Execution Troubleshooting Active/Standby Failover Configuring Security Contexts on the Cisco ASA Adaptive Security Appliance Multiple-Context Mode Configuring Security Contexts Verifying and Managing Security Contexts Configuring and Verifying Resource Management Troubleshooting Security Contexts LABS Lab 1: Accessing the Remote Lab Environment

Lab 2: Configuring the Cisco ASA Adaptive Security Appliance Lab 3: Configuring NAT Lab 4: Configuring Basic Cisco Access Control Features Lab 5: Configuring MPF, Basic Stateful Inspections, and QoS Lab 6: Configuring MPF Advanced Application Inspections Lab 7: Implementing Basic Clientless SSL VPN on the Cisco ASA Lab 8: Configuring Application Access for Clientless SSL VPN on the Cisco ASA Lab 9: Implementing External Authentication and Authorization for Clientless SSL VPNs Lab 10: Implementing Basic Cisco AnyConnect SSL VPN on the Cisco ASA Lab 11: Configuring Advanced Authentication for Cisco AnyConnect SSL VPNs Lab 12: Implementing Cisco AnyConnect IPsec/IKEv2 VPNs Lab 13: Configuring Active/Standby High Availability

2026 © DocPlayer.com.br Política de Privacidade | Termos de serviço | Feedback