Course Details

Previous Page


SENSS 1.0: Deploying Reputation and Identity-Based Cisco ASA Access Policies


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number



Overview/Description
The Cisco ASA 5500-X Series Next-Generation Firewalls use the Botnet Traffic Filter feature to detect and prevent botnet activity that is detected in transit traffic. The Botnet Traffic Filter feature detects and prevents traffic from bot-infected hosts to their control servers using a reputation-based mechanism. This course provides an overview of the Cisco ASA Botnet Traffic Filter, and explains how to configure and verify Cisco ASA Botnet Traffic Filter. Users in an enterprise often need access to one or more server resources and typically, a firewall is not aware of user identities and cannot apply security policies based on identity. The Identity Firewall in the Cisco ASA provides granular access control based on user identities. You can configure access rules and security policies based on usernames and a user group name rather than through source IP addresses. The Cisco ASA applies the security policies based on an association of IP addresses to Windows Active Directory login information and reports events based on the mapped usernames instead of on the network IP addresses. The Identity Firewall integrates with the Microsoft Active Directory in conjunction with an external Cisco Context Directory Agent that provides the actual identity mapping. The Cisco ASA uses the Windows Active Directory as the source to retrieve current user identity information for specific IP addresses and allows transparent authentication for Active Directory users. Identity-based firewall services enhance the existing access control and security policy mechanisms by allowing users or groups to be specified in place of source IP addresses. Identity-based security policies can be interleaved without restriction between traditional IP address-based rules. This course describes how to configure, verify and troubleshoot the Cisco ASA Identity Firewall.

Target Audience
Anyone wishing to obtain the Implementing Cisco Edge Network Security Solutions (SENSS) v1.0 certification; one of four designed for the CCNP Security track from Cisco. Knowledge of Cisco Certified Network Associate (CCNA) certification is required and knowledge of Cisco Certified Network Associate (CCNA) Security certification and Knowledge of Microsoft Windows Operating System are helpful. Note: Candidates who have a valid CCNA Routing and Switching certification AND have passed either Securing Cisco Network Devices exams 642-551 or 642-552 can act as a prerequisite valid only through December 31, 2014.

Prerequisites
None

Expected Duration (hours)
1.1

Lesson Objectives

SENSS 1.0: Deploying Reputation and Identity-Based Cisco ASA Access Policies

  • start the course
  • describe how Cisco ASA uses the Cisco ASA Botnet Traffic Filter feature
  • identify tasks in configuring the Cisco ASA Botnet Traffic Filter on the Cisco ASA
  • configure the Cisco Botnet Traffic Filter with static entries
  • verify the Cisco ASA Botnet Traffic Filter
  • identify key benefits of the Identity Internal Firewall
  • identify statements that describe processes within the Cisco ASA Identity Firewall solution
  • describe features of Cisco Context Directory Agent
  • describe how the Cisco CDA can be configured to integrate with Microsoft Active Directory (AD) and with Cisco ASA
  • identify the tasks to configure the Cisco ASA to integrate with Microsoft AD and with Cisco CDA
  • identify the CLI commands used to integrate Cisco ASA with Microsoft AD and Cisco CDA for identity-based firewall
  • verify Cisco ASA integration with Microsoft AD and with Cisco CDA
  • describe how to configure identity-based access rules
  • verify the identity-based firewall
  • identify how to troubleshoot Cisco ASA Identity Firewall operations using various Cisco ASDM, CLI, and Cisco CDA tools and features
  • configure Identity-Based Cisco ASA Access Policies in a given scenario
  • Course Number:
    cc_sens_a08_it_enus