In this 3-day course students will learn to deploy, configure, and manage Cisco Secure Firewall/Firepower Threat Defense. This hands-on course will help develop the skills to use and configure Cisco FTD, starting with the initial device setup and configuration. Students will learn to implement Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features. Students will also learn to analyze events, system administration, and basic troubleshooting.
Student Testimonials
Instructor did a great job, from experience this subject can be a bit dry to teach but he was able to keep it very engaging and made it much easier to focus.
Student
Excellent presentation skills, subject matter knowledge, and command of the environment.
Student
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect.
Student
Click here to print this page »
Prerequisites
Before taking this course, it would be good to have some understanding of Network Security fundamentals.
Exposure to working with any Network firewall will be an advantage.
Detailed Class Syllabus
Overview of Cisco Secure Firewall (CSF)
Basic firewall and IPS terminologies
Understand CSF features
Examine different platforms
Examine licensing
General implementation use cases
Device Configuration
Device Registration
Differentiate between FXOS and FTD image
Differentiate between management options FDM and FMC
Initial device activation and configuration
Examining different policies
Define objects
Explore system configuration
Configure Health Monitoring
Discuss device/ platform management options
Overview of High Availability
Cisco Secure Firewall Traffic Control
Describe packet processing
Explain traffic bypassing
Discuss pre-filter policy
Network Address Translation (NAT) Configurations
Overview of NAT
Different NAT rule types
Implementing and configuring NAT
Network Discovery
Explain Network Discovery
Configure Network Discovery
Access Control Policies
Overview of Access Control Policies (ACP)
Describe Access Control Policy rules and default action
Define further inspection feature in a rule
Overview of logging options for a rule
Advanced Settings in an ACP
Deploying the change in an ACP
Security Intelligence
Overview of Security Intelligence (SI)
Configure Security Intelligence objects
Deploy SI
File Control and Advanced Malware Protection
Overview of malware and file policy
Discuss Advanced Malware Protection
Next-Generation Intrusion Prevention Systems
Overview of Intrusion Prevention and Snort rules
Explain variables and variable sets
Configure intrusion policies
Describe firepower recommendations
Analyzing Different Events
Discuss different types of events
Explore analysis tools
Analyze threats
General System Administration
Manage device updates
Explore user account management features
Configuring different user accounts
Basic Troubleshooting
Identify common misconfigurations
Basic troubleshooting commands
Using packet trace
Lab Exercises
Initial Device Setup
FTD initial boot up and n/w configuration (walkthrough/ no hands-on)
FMC initial boot up and n/w configuration (walkthrough/ no hands-on)
FTD onboarding to FMC
Basic Configuration and Verification
Verify/ create different objects
Verify/ create interface and routing configuration
Configure Security Intelligence
Configure Security Intelligence objects
Modify/ customize Security Intelligence
Configure Intrusion Policy
Reuse base IPS policy (SNORT2/ SNORT3)
Create a new IPS policy (SNORT2/ SNORT3)
Configure/ Modify the Access Control Policy
Allow internal/ DMZ access (inbound)
Allow Internet access (outbound)
[Use a SNORT2/ SNORT3 Intrusion Policy configured in exercise 4]
Configure NAT Policies
Dynamic NAT
Static NAT
Configure/ Modify Network Discovery Policy
Understand/ differentiate hosts, users, and applications
Configure/ tune the network discovery policy based on your environment
Deploy Changes
Review the changes that will apply to the NGFW
Deploy all the configuration changes to the NGFW
Test/ Analyze the NGFW Traffic
Connectivity
IPS functionality
Malware blocking capabilities
System Administration Overview
Health Monitoring
Device Backup and Restore
Reporting Overview
Scheduling Tasks
Change Reconciliation