SFWIPA - Securing Data Center Networks and VPNs with Cisco Secure Firewall Threat Defense

Audience:

The primary audience for this course includes System Installers, System Integrators, System Administrators, Network Administrators, and/or Solutions Designers.

Prerequisites:

The learner should possess the following knowledge and skills before attending this course: knowledge of TCP/IP, a basic understanding of routing protocols, and familiarity with the content in the “Securing Internet Edge with Cisco Secure Firewall Threat Defense” training. Recommended Cisco Learning Offerings: •Implementing and Administering Cisco Solutions (CCNA) •Securing Internet Edge with Cisco Secure Firewall Threat Defense

Course Description:

The Securing Data Center Networks and VPNs with Cisco Secure Firewall Threat Defense (SFWIPA) training shows you how to deploy and configure the Cisco Secure Firewall Threat Defense system as a data center network firewall or Internet Edge firewall with VPN support. You'll learn how to configure identity-based policies, SSL decryption, remote-access VPN, and site-to-site VPN. The course also covers advanced Intrusion Prevention System (IPS) configuration, event management, integrations with other systems, troubleshooting, and automation using Application Programming Interfaces (APIs). Configuration migration from Cisco ASA is also included. This training prepares you for the 300-710 Securing Networks with Cisco Firepower (SNCF) exam and earns 40 Continuing Education (CE) credits. 

Course Objectives:

Upon completing this course, the learner will be able to:

• Describe Cisco Secure Firewall Threat Defense

• Describe advanced deployment options and device settings

• Configure dynamic routing and advanced NAT

• Configure SSL decryption policy

• Deploy Remote Access and Site-to-Site VPN

• Deploy identity-based policies and advanced access control settings

• Describe and implement event management and integrations

• Troubleshoot traffic flow using advanced options

• Automate configuration and operations using APIs

• Perform configuration migration from Cisco ASA

Course Outline:

• Introducing Cisco Secure Firewall Threat Defense 
• Describing Cisco Secure Firewall Threat Defense Deployment Options 
• Describing Cisco Secure Firewall Threat Defense Management Options  
• Configuring Basic Network Settings on Cisco Secure Firewall Threat Defense 
• Configuring High Availability on Cisco Secure Firewall Threat Defense 
• Configuring Auto NAT on Cisco Secure Firewall Threat Defense 
• Describing Packet Processing and Policies on Cisco Secure Firewall Threat Defense 
• Configuring Discovery Policy on Cisco Secure Firewall Threat Defense 
• Configuring Prefilter Policy on Cisco Secure Firewall Threat Defense 
• Configuring Access Control Policy on Cisco Secure Firewall Threat Defense 
• Configuring Security Intelligence on Cisco Secure Firewall Threat Defense 
• Configuring File Policy on Cisco Secure Firewall Threat Defense 
• Configuring Intrusion Policy on Cisco Secure Firewall Threat Defense 
• Performing Basic Threat Analysis on Cisco Secure Firewall Management Center 
• Managing Cisco Secure Firewall Threat Defense System 
• Troubleshooting Basic Traffic Flow 
• Cisco Secure Firewall Threat Defense Device Manager

Lab Outline

• Perform Initial Device Setup 
• Configure High Availability 
• Configure Network Address Translation 
• Configure Network Discovery 
• Configure Prefilter and Access Control Policy 
• Configure Security Intelligence 
• Implement File Control and Advanced Malware Protection 
• Configure Cisco Secure IPS 
• Detailed Analysis Using the Firewall Management Center 
• Manage Cisco Secure Firewall Threat Defense System 
• Secure Firewall Troubleshooting Fundamentals 
• Configure Managed Devices Using Cisco Secure Firewall Device Manager