Course Details

Previous Page

Cisco IINS 2.0: Implementing Firewall Policies

Target Audience
Expected Duration
Lesson Objectives
Course Number

Network security threats have the potential to significantly impede productivity, disrupt business and operations, and result in loss of information, which can lead to financial losses and noncompliance. Hackers continue to develop new techniques to gain access to information for their own financial gain, and these techniques are harder than ever to detect. Businesses need comprehensive solutions that are highly manageable and operational to proactively address these threats. One of these solutions is the zone-based policy firewall which changes the original implementation of Cisco IOS Classic Firewall stateful inspection from the older interface-based model to a more flexible, more easily understood zone-based configuration model. This course covers the features of Cisco IOS zone-based policy firewalls and how to use Cisco Configuration Professional to configure them. Another solution is the Cisco ASA Adaptive Security Appliance which implements a rich set of security technologies that can be effectively implemented as a perimeter firewall using several deployment modes. This course introduces Cisco ASA Security Appliance functionality, features, and underlying technologies. Finally, the course demonstrates how to configure the Cisco ASA 5505 Adaptive Security Appliance for basic connectivity using Cisco Adaptive Security Device Manager (ASDM).

Target Audience
Network designers, administrators, engineers, and managers; systems engineers; individuals seeking the Implementing Cisco IOS Network Security (IINS) v2.0 640-554 certification, which is associated with the CCNA Security certification exam. Knowledge and skills equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) are required, and a working knowledge of the Windows operating system and Cisco IOS networking and concepts is recommended.

Expected Duration (hours)

Lesson Objectives

Cisco IINS 2.0: Implementing Firewall Policies

  • describe the function of Cisco IOS zone-based firewalls
  • describe the nature and functions of zones and zone pairs
  • identify zone-based policy firewall rules for application traffic
  • recognize how to configure a zone-based firewall using Cisco Configuration Professional
  • configure a zone-based policy firewall on a router using Cisco Configuration Professional Basic Firewall Wizard
  • describe how to configure NAT services for zone-based firewalls
  • match varieties of NAT that are supported by Cisco ASA Security Appliance to their descriptions
  • define Cisco ASA appliance CLI configuration modes
  • describe Cisco ASDM features
  • identify default interface access security rules on Cisco ASA appliances
  • match the key constructs of the Cisco Modular Policy Framework to their definitions
  • identify match criteria allowed by Cisco ASA Layers 3 and 4 class maps
  • recognize the procedure for preparing a Cisco ASA device for ASDM
  • sequence the procedure for using the ASDM Startup Wizard to configure an ASA device
  • Course Number: