Overview/Description
The Cisco ASA adaptive security appliance helps enforce security policies within your networks. Different types of traffic traversing the Cisco ASA adaptive security appliance should have different policies. For example, you should analyze traffic coming from the Internet for any sign of malicious software, and you should prioritize VoIP traffic on all appliance interfaces to prevent delays and packet losses. The Cisco Modular Policy Framework (MPF) configuration tool enables you to assign different network policies to different traffic flows in a flexible and granular manner. The Cisco MPF enhances Cisco ASA security appliance interface access control lists (ACLs) by allowing the administrator to specify a multitude of additional access controls on network flows independently of interface ACLs. This course starts with an overview of the Cisco MPF tool, continues with a description of policies for Open Systems Interconnection (OSI) Layers 3 and 4, and concludes with a description of management service policies, which you use to control traffic that is destined for the Cisco ASA security appliance. The Cisco ASA adaptive security appliance enforces a strict inspection and filtering policy that may sometimes interfere with unusual network designs or the use of network protocols by applications. The policy may also cause legitimate applications to experience connectivity issues over security appliances. The Cisco ASA security appliance supports many features that enable you to create exceptions in its behavior for traffic in such environments. This course describes some of the inspection tuning methods that you can configure on the appliance to integrate with such environments.
Target Audience
Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA adaptive security appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments.
Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system.
Candidates who have completed the Cisco Certified Network Associate (CCNA) Certification and the Cisco Certified Network Associate Security Certification (CCNA Security).