
Define inside and outside zones on Cisco IOS routers and apply a zone-based firewall policy to permit inside-to-outside traffic while inspecting and allowing return traffic.
Learn dynamic and static NAT on Cisco IOS routers, configure access lists and ip nat pools, translate inside networks to outside addresses, and verify with ping and tcpdump.
Configure high availability through redundancy and failover in Cisco ASA environments, using back-to-back redundant links, link aggregation options, and active-standby firewall units, covering stateless versus stateful failover.
This course targets an audience of advanced networking professionals and provides expert-level knowledge of firewalls and network security. Become an expert on the Cisco ASA firewall by doing the advanced labs along with me.
The course is built around the Cisco CCIE Security v6.0 chapter one exam topics, provided below.
"1. Perimeter Security and Intrusion Prevention
1.1 Deployment modes on Cisco ASA and Cisco FTD
1.1.a Routed
1.1.b Transparent
1.1.c Single
1.2 Firewall features on Cisco ASA
1.2.a NAT
1.2.b Application inspection
1.2.c Traffic zones
1.2.d Policy-based routing
1.2.e Traffic redirection to service modules
1.2.f Identity firewall
1.3 Security features on Cisco IOS/IOS-XE
1.3.a Application awareness
1.3.b Zone-Based Firewall (ZBFW)
1.3.c NAT
1.7 Detect, and mitigate common types of attacks
1.7.a DoS/DDoS
1.7.b Evasion Techniques
1.7.c Spoofing
1.7.d Man-In-The-Middle
1.7.e Botnet
1.8 Clustering/HA features on Cisco ASA
1.9 Policies and rules for traffic control on Cisco ASA
1.10 Routing protocols security on Cisco IOS [and] Cisco ASA
1.11 Network connectivity through Cisco ASA"
Source: Cisco expert certifications