ICSFW: Introduction to Cisco Secure Firewall

About this Course

In this 3-day course, students will learn to deploy, configure, and manage Cisco Secure Firewall/Firepower Threat Defense (FTD). This hands-on course develops the skills to use and configure Cisco FTD, starting with initial device setup and configuration. Students will learn to implement Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features. The course also covers event analysis, system administration, and basic troubleshooting.

Audience Profile

Network Security Administrators
Network Security Engineers
Network Security Managers
Security Sales Engineers
Security System Engineers
Anyone else who wants to learn about Cisco Secure Firewall

At Course Completion

Describe the operating principles of a Next-Generation Firewall
Configure any Cisco Secure Firewall using the GUI
Ensure that proper perimeter security is enabled using Cisco Secure Firewall
Describe the different common use cases of Cisco Secure Firewall

Outline

Overview of Cisco Secure Firewall (CSF)

Basic firewall and IPS terminologies
Understand CSF features
Examine different platforms
Examine licensing
General implementation use cases

Device Configuration

Device Registration
Differentiate between FXOS and FTD image
Differentiate between management options FDM and FMC
Initial device activation and configuration
Examining different policies
Define objects
Explore system configuration
Configure Health Monitoring
Discuss device/platform management options
Overview of High Availability

Cisco Secure Firewall Traffic Control

Describe packet processing
Explain traffic bypassing
Discuss pre-filter policy

Network Address Translation (NAT) Configurations

Overview of NAT
Different NAT rule types
Implementing and configuring NAT

Network Discovery

Explain Network Discovery
Configure Network Discovery

Access Control Policies

Overview of Access Control Policies (ACP)
Describe Access Control Policy rules and default action
Define further inspection feature in a rule
Overview of logging options for a rule
Advanced Settings in an ACP
Deploying the change in an ACP

Security Intelligence

Overview of Security Intelligence (SI)
Configure Security Intelligence objects
Deploy SI

File Control and Advanced Malware Protection

Overview of malware and file policy
Discuss Advanced Malware Protection

Next-Generation Intrusion Prevention Systems

Overview of Intrusion Prevention and Snort rules
Explain variables and variable sets
Configure intrusion policies
Describe Firepower recommendations

Analyzing different Events

Discuss different types of events
Explore analysis tools
Analyze threats

General System Administration

Manage device updates
Explore user account management features
Configuring different user accounts

Basic Troubleshooting

Identify common misconfigurations
Basic troubleshooting commands
Using packet trace

Lab Exercises

Initial Device Setup

FTD initial boot up and network configuration (walkthrough/no hands-on)
FMC initial boot up and network configuration (walkthrough/no hands-on)
FTD onboarding to FMC

Basic Configuration and Verification

Verify/create different objects
Verify/create interface and routing configuration

Configure Security Intelligence

Configure Security Intelligence objects
Modify/customize Security Intelligence

Configure Intrusion Policy

Reuse base IPS policy (SNORT2/SNORT3)
Create a new IPS policy (SNORT2/SNORT3)

Configure/Modify the Access Control Policy

Allow internal/DMZ access (inbound)
Allow Internet access (outbound)
[Use a SNORT2/SNORT3 Intrusion Policy configured in exercise 4]

Configure NAT Policies

Dynamic NAT
Static NAT

Configure/Modify Network Discovery Policy

Understand/differentiate hosts, users, and applications
Configure/tune the network discovery policy based on your environment

Deploy Changes

Review the changes that will apply to the NGFW
Deploy all the configuration changes to the NGFW

Test/Analyze the NGFW Traffic

Connectivity
IPS functionality
Malware blocking capabilities

System Administration Overview

Health Monitoring
Device Backup and Restore
Reporting Overview
Scheduling Tasks
Change Reconciliation

Prerequisites

Before taking this course, it would be good to have some understanding of Network Security fundamentals.
Exposure to working with any Network firewall will be an advantage.