CSFAF: CSFAF: Cisco Secure Firewall Advanced Features, Operations & Management

Become an EPIC Affiliate

To view the class schedule you need to become an Affiliate

  • Largest “Guaranteed To Run” public technical training schedules available
  • Easy to become an Affiliate – no charge or fee
Become an EPIC Affiliate

already an Affiliate?  Login

About this Course

In this 3-day, lab intense course students will learn about many of the advanced features, day-2 operations and management of Cisco Secure Firewall / Firepower Threat Defense. Through intense lab exercises students will develop the skills to configure, manage and troubleshoot problems with Cisco FTD devices. After a short review of CSF, we will cover advanced features like security intelligence, file control, advanced malware protection, redundancy, external threat intelligence, domain management, SNORT3, and advanced packet flow analysis. We will also have a look at what’s new in version 7.x. You will gain leading-edge skills for high-demand security focused responsibilities.

Audience Profile

Network Security Administrators
Network Security Engineers
Network Security Managers
Security Sales Engineers
Security System Engineers
Anyone else who wants to learn about Cisco Secure Firewall

At Course Completion

  • Describe the advanced features of a Next-Generation Firewall
  • Explain the newly release features
  • Configure advanced and newly released features
  • Understand advanced packet flow analysis

Outline

Next-Generation Features of Cisco Secure Firewall (CSF)

  • Security Intelligence (SI)
  • File Control and Advanced Malware Protection
  • Malware and File Policy
  • Overview of Intrusion Prevention and Snort Rules
  • Firepower Recommendations

Cisco Secure Firewall Redundancy

  • Overview of High Availability (HA)
  • Discuss active / standby HA

External Threat Intelligence

  • Overview of external feeds
  • Describe incidents
  • Explain Cisco Threat Intelligence Director (CTID)
  • Understanding subscription of CTID to external feeds

Domain Management

  • Introduction to multi-tenancy using domains
  • Managing domains
  • Creating new domains
  • Moving devices between domains

VPNs

  • Site-to-Site VPN
  • RA-VPN

SNORT3

  • Introduction to Snort3
  • Explain Elephant Flow
  • Discuss Snort3 recommendations
  • Explain rule actions

Advance Packet Flow Analysis

  • Using the ’Packet-Tracer’ feature
  • Using the ’Capture with Trace’ feature

What’s New in 7.x

  • VPN Load Balancing for FMC-managed devices
  • Explain FQDN NAT
  • Understand network wildcard mask object
  • Discuss direct Internet access
  • Describe AnyConnect with SAML external browser
  • Explain encrypted visibility engine
  • Discuss enhancement in TLS (focus on TLS 1.3)

Lab Exercises

  • Configuring CTID
  • Configure FQDN NAT
  • Using Wildcard Mask
  • Configure Direct Internet Access (DIA) with Policy Based Routing (PBR)
  • Configure Site-to-Site VPN
  • Configuring AnyConnect VPN
  • Configuring and detecting Elephant Flow using Snort3
  • Configuring Snort3 Firepower recommendations
  • Configuring additional rule actions for Snort3
  • Configuring and validating enhanced Captive Portal
  • Setting up an Encrypted Visibility Engine for reports, events, and telemetry
  • TLS 1.3 ESNI extension (overview/ no hands-on)
  • Advance Packet Flow Analysis
  • Configure High Availability (Active / Standby)
  • Remote deployments, selective deployment, and rollbacks (overview/ no hands-on

Prerequisites

<strong>Prerequisites:</strong>
Before taking this course, it would be good to have a basic understanding of Cisco Secure Firewall and some hands-on experience working on the device (Cisco Secure Firewall). If you don’t have the pre-requisites described above, then a good way to prepare for this course is to attend our course ’Introduction to Cisco Secure Firewall’.