Who should attend
- Network Security Engineers (NSEs) responsible for VPN design, implementation and troubleshooting
- Cisco customers who implement Cisco ASA (Adaptive Security Appliance)-based VPN solutions
- Cisco Channel Partner
- Cisco Engineers supporting the sales of the Cisco ASA solution
Prerequisites
Cisco Certified Network Associate Security (CCNA Security) certification oder similar knowledge
Course Objectives
This 5 day class teaches students the knowledge to implement and configure the Cisco ASA IPSec and SSL VPN Features of the Cisco ASA solution running software version 9.9(2) and Cisco AnyConnect 3.1.x. The delegates will learn to minimize the risk for their IT infrastructures and applications by enabling the Cisco ASA features and to provide detailed operational support. By the end of the course, the students should be able to meet the following objectives:
- Outline the general features of the Cisco ASA VPN subsystem
- Implementation and Troubleshooting of clientless remote access SSL VPNs on the Cisco ASA Gateway
- Implementation and Troubleshooting of Cisco AnyConnect client-based remote access SSL VPNs on the Cisco ASA Gateway according to compliance regulations
- Implementation and Troubleshooting of Cisco remote access IPSec VPNs on the Cisco ASA Gateway according to compliance regulations
- Implementation and Troubleshooting of Site-to-Site VPN solutions on the Cisco ASA Gateway according to compliance regulations
- Implementation of endpoint security using Cisco Secure Desktop and DAP
- Deployment of high-availability and high-performance features of the Cisco ASA appliance.
- Troubleshooting the Cisco ASA and the Cisco AnyConnect solution in various problem scenarios
Course Content
Module 1: Cisco ASA Adaptive Security Appliance VPN architecture and main components
- Lession 1: Evaluation of the Cisco ASA Adaptive Security Appliance VPN sub system architecture
- Lession 2: Evaluation of the Cisco ASA Adaptive Security Appliance software architecture
- Lession 3: Implementation of profiles, group- and user policies
- Lession 4: Implementation of PKI services
Module 2: Cisco ASA Adaptive Security Appliance client-less remote access SSL VPN solutions
- Lession 1: Deployment of basic client-less VPN solutions
- Lession 2: Deployment of advanced application access for client-less SSL VPNs
- Lession 3: Deployment of advanced authentification and SSO for client-less SSL VPNs
- Lession 4: Adjusting the client-less SSL VPN user interface and portal
Module 3: Cisco AnyConnect remote access SSL solution
- Lession 1: Deployment of a basic Cisco AnyConnect Full-Tunnel SSL VPN solution
- Lession 2: Deployment of an advanced Cisco AnyConnect Full-Tunnel SSL VPN solution
- Lession 3: Deployment of Advanced AAA in Cisco Full-Tunnel VPNs
Module 4: Cisco ASA Adaptive Security Appliance remote access IPsec VPNs
- Lession 1: Deployment of Cisco remote access VPN clients
- Lession 2: Deployment of basic Cisco Remote Access IPsec VPN solutions
Module 5: Cisco ASA Adaptive Security Appliance Site-to-Site IPsec VPN solutions
- Lession 1: Deployment of basic Site-to-Site IPsec VPNs
- Lession 2: Deployment of advanced Site-to-Site IPsec VPNs
Module 6: Endpoint security and high-availability for Cisco ASA VPNs
- Lession 1: Implementing Cisco Secure Desktop and DAP for SSL VPNs
- Lession 2: Deployment of high-availability features in Cisco ASA Adaptive Security Appliance VPNs
German 
Germany