Hello
Your cart is empty. View / Checkout
United States Pricing
813-421-2951
Other Solutions

FIREWALL

Deploying Cisco ASA Firewall Features

  • Course Availability

Cisco Certified Network Professional (CCNP) Security 642-617 FIREWALL

Course Title: Deploying Cisco ASA Firewall Features

Course Code: FIREWALL 642-617
Duration: 5 Days


Course Overview

The Deploying Cisco ASA Firewall Feature (FIREWALL) training course aims to provide network security engineers with the necessary skills and knowledge required to implement and maintain Cisco ASA adaptive security appliance-based perimeter solutions. After attending this course candidates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA adaptive security appliance features, and provide detailed operations support for the Cisco ASA adaptive security appliance.

Target Audience

Candidates who should consider attending the FIREWALL 642-617 Cisco training course are those who implement and maintain Cisco ASA firewalls, Network security specialists and technicians, and those seeking Cisco Certified Network Professional (CCNP) Security certification.

Please note that the Cisco Certified Network Professional (CCNP) Security certification replaces the CCSP certification and is tuned specifically to the role of the Cisco Network Security Engineer. This course is recommended for those undertaking the 642-617 FIREWALL exam.


Course Objectives

On successfully completing the FIREWALL 642-617 course candidates will be able to:
  • Evaluate the basic technology, features and hardware models of the Cisco ASA adaptive security appliance product line
  • Implement and maintain basic Cisco ASA adaptive security appliance connectivity and device management plane features
  • Implement and maintain data plane access control features of the Cisco ASA adaptive security appliance product family
  • Implement and maintain Cisco ASA adaptive security appliance features that integrate it with the local and global routing and switching infrastructure
  • Implement and maintain Cisco ASA adaptive security appliance virtualization and high availability features
  • Evaluate Cisco ASA adaptive security appliance SSM modules, their major features and integrate them with the Cisco ASA adaptive security appliance

Course Prerequisites

Candidates attending the FIREWALL 642-617 Cisco training course should hold a valid CCNA certification (this can be ICND1 plus ICND2 or CCNA 640-802). A valid IINS Certifcation is also required and a working knowledge of Microsoft Windows OS would be an advantage.

Testing and Certification

The FIREWALL Cisco training course is the recommended preparation for the 642-647 FIREWALL - Deploying Cisco ASA Firewall Solutions exam. Please note that FIREWALL 642-617 is only one of four courses required for the Cisco Certified Network Professional for security career certification and the SECURE, VPN and IPS courses are recommended for further study.

Course Content

Introduction to the Cisco ASA adaptive security appliance:
  • Introducing Cisco ASA adaptive security appliance technology and features
  • Introducing the Cisco ASA adaptive security appliance family
Implementation of basic connectivity and device management:
  • Getting started with the Cisco ASA adaptive line security appliance and Cisco ASDM
  • Configuring interfaces and static routing
  • Configuring basic device management features
  • Configuring management access
Deployment of Cisco ASA adaptive security appliance access control features:
  • Configuring basic access control
  • Using Cisco ASA adaptive security appliance modular policy framework
  • Tuning basic stateful inspection features
  • Configuring application-layer policies
  • Configuring advanced access controls
  • Configuring resource limits and guarantees
  • Configuring user-based policies (cut-through proxy)
Deployment of Cisco ASA adaptive security appliance network integration features:
  • Deploying network address translation
  • Configuring Cisco ASA adaptive security appliance transparent operations
Deployment of Cisco ASA adaptive security appliance virtualization and high availability features:
  • Deploying Cisco ASA adaptive security appliance virtualization features
  • Deploying Cisco ASA adaptive security appliance redundant interfaces
  • Deploying active/standby high availability failover
  • Deploying active/active high availability failover
Integration of Cisco ASA adaptive security:
  • Introducing the Cisco ASA adaptive security appliance security service modules
  • Integrating the Cisco ASA adaptive security appliance AIP-SSM and AIP-SSC modules
  • Integrating the Cisco ASA adaptive security appliance CSC-SSM module
Labs:
  • Configuring basic connectivity
  • Configuring management features
  • Configuring basic access control
  • Tuning basic Cisco ASA adaptive security appliance stateful inspection features
  • Configuring application-layer policies
  • Configuring advanced access controls
  • Configuring user-based policies (cut-through proxy)
  • Configuring Cisco ASA adaptive security appliance NAT
  • Configuring transparent firewall mode
  • Deploying a Cisco ASA adaptive security appliance active/standby failover
  • Deploying a Cisco ASA adaptive security appliance active/active failover
Appendices
  • Appendix A: Configuring routing on the Cisco ASA adaptive security appliance
  • Appendix B: Lab (Optional): configuring dynamic routing

Recertification

Cisco professional level certifications (CCNP, CCNP SP Operations, CCNP Wireless, CCDP, CCNP Security, CCNP Voice, and CCIP) are valid for three years. To recertify, pass any 642 exam that is part of the professional level curriculum or pass any CCIE/CCDE written exam before the certification expiration date.


Please note that by achieving or recertifying in any of above the certifications automatically extends active Associate and Professional level certification(s) up to the point of expiration of the last certification achieved. For more information, access the Cisco About Recertification page.


PLEASE NOTE: Every effort has been made to ensure the accuracy of all information contained herein. IT Help and Support Centre Ltd makes no warranty expressed or implied with respect to accuracy of this information, including price, product editorials or product specifications. IT Help and Support Centre Ltd or its suppliers shall not be liable for incidental, consequential or special damages arising from, or as a result of, any electronic transmission or the accuracy of the information contained herin, even if IT Help and Support Centre Ltd has been advised of the possibility of such damages. Product and manufacturer names are used only for the purpose of identification.
Privacy Statement Terms & Conditions