The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.
This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System (SSFIPS). You can take these courses in any order.
To
fully benefit from this course, you should have:
Outline
· Cisco Firepower Threat Defense Overview
o Examining Firewall and
IPS Technology
o Firepower Threat Defense
Features and Components
o Examining Firepower
Platforms
o Examining Firepower
Threat Defense Licensing
o Cisco Firepower
Implementation Use Cases
· Cisco Firepower NGFW Device Configuration
o Firepower Threat Defense
Device Registration
o FXOS and Firepower Device
Manager
o Initial Device Setup
o Managing NGFW Devices
o Examining Firepower
Management Center Policies
o Examining Objects
o Examining System
Configuration and Health Monitoring
o Device Management
o Examining Firepower High
Availability
o Configuring High
Availability
o Cisco ASA to Firepower
Migration
o Migrating from Cisco ASA
to Firepower Threat Defense
· Cisco Firepower NGFW Traffic Control
o Firepower Threat Defense
Packet Processing
o Implementing QoS
o Bypassing Traffic
· Cisco Firepower NGFW Address Translation
o NAT Basics
o Implementing NAT
o NAT Rule Examples
o Implementing NAT
· Cisco Firepower Discovery
o Examining Network
Discovery
o Configuring Network
Discovery
· Implementing Access Control Policies
o Examining Access Control
Policies
o Examining Access Control
Policy Rules and Default Action
o Implementing Further
Inspection
o Examining Connection
Events
o Access Control Policy
Advanced Settings
o Access Control Policy
Considerations
o Implementing an Access
Control Policy
· Security Intelligence
o Examining Security
Intelligence
o Examining Security
Intelligence Objects
o Security Intelligence
Deployment and Logging
o Implementing Security
Intelligence
· File Control and Advanced Malware
Protection
o Examining Malware and
File Policy
o Examining Advanced
Malware Protection
· Next-Generation Intrusion Prevention Systems
o Examining Intrusion
Prevention and Snort Rules
o Examining Variables and
Variable Sets
o Examining Intrusion
Policies
· Site-to-Site VPN
o Examining IPsec
o Site-to-Site VPN
Configuration
o Site-to-Site VPN
Troubleshooting
o Implementing Site-to-Site
VPN
· Remote-Access VPN
o Examining Remote-Access
VPN
o Examining Public-Key
Cryptography and Certificates
o Examining Certificate
Enrollment
o Remote-Access VPN
Configuration
o Implementing
Remote-Access VPN
· SSL Decryption
o Examining SSL Decryption
o Configuring SSL Policies
o SSL Decryption Best
Practices and Monitoring
· Detailed Analysis Techniques
o Examining Event Analysis
o Examining Event Types
o Examining Contextual Data
o Examining Analysis Tools
o Threat Analysis
· System Administration
o Managing Updates
o Examining User Account
Management Features
o Configuring User Accounts
o System Administration
· Cisco Firepower Troubleshooting
o Examining Common
Misconfigurations
o Examining Troubleshooting
Commands
o Firepower Troubleshooting
Lab
outline
· Initial Device Setup
· Device Management
· Configuring High Availability
· Migrating from Cisco ASA to Cisco Firepower
Threat Defense
· Implementing QoS
· Implementing NAT
· Configuring Network Discovery
· Implementing an Access Control Policy
· Implementing Security Intelligence
· Implementing Site-to-Site VPN
· Implementing Remote Access VPN
· Threat Analysis
· System Administration
· Firepower Troubleshooting
Required fields are marked (*).
Anamnagar - 32 Kathmandu, Nepal
info@labanepal.com
+977-1-4102721, 4102722, 4244804
10 AM - 5 PM
Required fields are marked (*).
Anamnagar - 32 Kathmandu, Nepal
info@labanepal.com
+977-1-4102721, 4102722, 4244804
10 AM - 5 PM