   |
| Deploying Cisco ASA (VPN) v2.0 |
| Vendor Course Code: | VPN V1.0 |
| Course Length: | 5 days |
| Course Price: | $5,050.00 plus $505.00 GST = $5,555.00 inc. GST |
| Availability: | |
| | If your preferred city or time is not currently listed, please call DDLS on 1800 U LEARN (1800 853 276) and we can try to accommodate your needs. |
| Overview: | 
Learn to configure, maintain, and operate VPN solutions based on the Cisco ASA 5500 Series Adaptive Security Appliance (ASA) including:
• Site-to-site IPSec VPN
• Remote access IPSec VPN
• Remote access SSL VPN with AnyConnect 3.0
• Load balancing VPN clusters
• AAA for VPNs using Cisco ACS 5.2
We have enhanced the standard Cisco labs to run on our expanded topology to better simulate a typical production network. Using an ASA 5520, our expert instructors will guide you through exercises such as:
• Managing digital certificates for IPSec and SSL VPNs
• Implementing both site-to-site and remote access VPN
• Implementing VPN access policies for corporate employees, contractors, and partners
|
| Skills Gained: | • Implement site-to-site IPSec VPN
• Implement remote access IPSec and SSL VPNs
• Work with both the legacy Cisco IPSec VPN client and the AnyConnect 3.0 VPN client
• Deploy clientless SSL VPN access, including portal customization, smart tunnel access, and web-type ACLs
• Implement single sign-on for clientless VPN access to internal resources
• Deploy full tunnel SSL VPN using the Cisco AnyConnect VPN Client
• Determine and enhance the security posture of remote SSL VPN systems using Cisco Secure Desktop
• Use digital certificates and PKI infrastructure for peer identity management in all classes of VPN
• Configure the ASA as a Certificate Authority for SSL VPN access
• Configure the ASA as a SCEP proxy for remote access VPN
• Configure access control policies to implement your security policy across all classes of VPN
• Use Dynamic Access Policies (DAP) to adapt a remote user's VPN policy to the user's current situation
• Implement High Availability and scalability features for Cisco ASA VPN solutions
|
| Key Topics: | 1. ASA VPN Architecture and Common Components
• ASA VPN Subsystem Architecture
• ASA Software Architecture
• Implementing Profiles, Group Policies, and User Profiles
• Implementing PKI Services
2. ASA Remote Access SSL VPN Solutions
• Basic Clientless SSL VPN
• Advanced Clientless SSL VPN
• Advanced Authentication and SSO for Clientless SSL VPN
• Customizing the Clientless SSL VPN Interface and Portal
3. AnyConnect Remote Access SSL VPN
• Basic AnyConnect Full Tunnel SSL VPN Solution
• Advanced AnyConnect Full Tunnel SSL VPN Solution
• Advanced AAA in AnyConnect Full Tunnel VPNs
4. ASA Remote Access IPSec VPNs
• Deploying Cisco Remote Access VPN Clients
• Basic Remote Access IPSec VPN Solutions
5. ASA Site-to-Site VPNs
• Basic Site-to-Site IPSec VPNs
• Advanced Site-to-Site IPSec VPNs
6. Endpoint Security and High Availability for ASA VPNs
• Cisco Secure Desktop and DAP for SSL VPNs
• High Availability Features in ASA VPNs
Labs
Lab 1: Enhanced - Licensing, ACS, Public CA
Lab 2: Enhanced - Basic Clientless SSL VPN
Lab 3: Enhanced - Clientless SSL VPN: Thin Apps
Lab 4: Enhanced - Customizations and Auto Sign-On
Lab 5: Enhanced - Basic AnyConnect Full Tunnel SSL VPN
Lab 6: Enhanced - AnyConnect: Centralized Management
Lab 7: Enhanced - Local CA and SCEP Proxy
Lab 8: Enhanced - Remote Access IPSec VPN
Lab 9: Enhanced - IPSec Site-to-Site VPN
Lab 10: Enhanced - Cisco Secure Desktop and Dynamic Access Policies
Lab 11: Enhanced - VPN Server Load Balancing
|
| Target Audience: | • Anyone who implements and maintains VPN features on the Cisco ASA
• Those seeking CCNP Security certification
|
| Prerequisites: | The knowledge and skills that a learner must have before attending this course are as follows:
• ICND2 - Interconnecting Cisco Network Devices 2
• IINS 2.0 - Implementing Cisco IOS Network Security
• FIREWALL 2.0 - Deploying Cisco ASA Firewall Solutions
|
