Cisco ASA Next Gen Firewall with FirePOWER Services Technical Workshop v1.0 Global Knowledge Egypt

Overview:

Multifaceted, highly dynamic applications and bring-your-own-device (BYOD) workplaces have become the norm. And with them comes the challenge to balance productivity with security

Cisco has the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASAs with FirePOWER Services deliver an integrated threat defense across the entire attack continuum — before, during, and after an attack. It combines the proven security capabilities of the ASA Firewalls with industry-leading Sourcefire threat and advanced malware protection features in a single device. This extends the capabilities of the Cisco ASA 5500-X Series beyond what other NGFW solutions provide.

Cisco ASA Next-Generation Firewall FirePOWER Services (SFR) Module addresses these needs by integrating the next-generation intrusion prevention system (NGIPS), application visibility & control (AVC), reputation- and category-based URL filtering and advanced malware protection (AMP) capabilities from Sourcefire. This integrated approach with multilayer protection gives much greater visibility into what’s going on in your network. With full contextual awareness you will see all the resources.

Cisco FireSIGHT Management Center is the central management Center for all Sourcefire security solutions. The FireSIGHT Management Center lets you see and correlate extensive amounts of event data – applications, users, devices, operating systems, vulnerabilities, services, processes, files and threats – so you can get the complete picture of your network.

The FireSIGHT Management Center provides automated event impact assessment, policy tuning, policy management, and network and user behaviour analysis.

The results are end-to-end network intelligence and streamlined security operations. The time between detection and cure quickly shrinks in a streamlined operation.

This workshop is designed to help users understand the integration of the SourceFire Security Suite with the Cisco ASA, FIreSIGHT and CSM for a new adaptive, threat-focused NGFW solution. You should at the end of this workshop feel confident in demonstrating the capabilities of the Cisco ASA Next-Generation Firewall FirePOWER Services(SFR) Module to potential customers.

Objectives:

After attending this course you should be able to:

  • Understand the capabilities of the FirePOWER Services
  • ModulesInstall and configure the FirePOWER Services Module
  • Explore the FireSIGHT Management Center using the Context Explorer
  • Use Access Control,File Policies and Intrusion Policies to control traffic within a network
  • Analyse files to determine their leavel of threat and trajectory within a network
  • Integrate Active Directory with FireSIGHT and SourceFire User Agent for User based policies

Content:

  • Introducing the New Mid-Range Cisco ASAs and their Next Generation Firewall Services
  • Installing, Configuring and Integrating the ASA FirePOWER Services (SFR) module within an existing ASA
  • Using the Cisco Security Manager (CSM) to cross-launch the FireSIGHT Management Center
  • Exploring the FireSight Management Center
  • Edit and apply the initial system policy time synchronization settings to SFR Module
  • Apply the initial health policy to the SFR Module
  • Configure SFR Policy for a default Inline Intrusion Policy to use the Secure over Connectivity base IPS policy
  • Configure SFR Default Access Control policy to use the required File and IPS policy
  • Create and test user based access control policies
  • Configure File Polices to block malware
  • Attempt malware file transfers to trigger the malware blocking File Policy rule
  • Observe the IPS and Malware events in the FireSight Management Center
  • Integrate FireSIGHT with Microsoft Active Directory using the SourceFire User Agent for user and user-group based policies

Global Knowledge is the worldwide leader in IT and business skills training. They deliver via training centers, private facilities, and the Internet, enabling their customers to choose when, where, and how they want to receive training programs and learning services.

See all Global Knowledge Egypt courses

Contact information not available.

Courses you can instantly connect with...
Cisco Certified Network Associate - CCNA American Academy Cisco Certified Network Associate (CCNA) Helper Learning Cisco Certified Network Professional (CCNP 2012) Helper Learning

Is this the right course for you?

Rate our content

Didn't find what you were looking for ?

or