|
|
Title |
Duration |
|
|
|
Cisco Security: Cisco Certification and Getting the Most from this Series
With every new program, there is typically an included "Read Me First" text file. In the same sense, consider this nugget the "Watch Me First" of the series. This nugget presents the strategies you can use for getting the most from the series, changes to the Cisco certification program, and the ideal lab equipment to use for the series.
|
00:23:21 |
|
|
|
Foundations: Access Lists and NAT
Nothing better to get moving in the Cisco realm than the core configurations of Access Control Lists (ACLs) and Network Address Translation (NAT). This nugget focuses not only on reviewing the core concepts, but demonstrating the configuration of ACLs and ACL Entries (ACEs) using the ASDM. The nugget then moves to the order of operation on the ASA and how it impacts your design and configuration along with core NAT configurations.
|
00:49:34 |
|
|
|
Foundations: Access Lists and NAT, Part 2
The ACLs and NAT continue on as Jeremy focuses on configuring the various types of NAT in the ASDM: NAT 0 Exceptions, Port Forwarding, Static Policy NAT, and Dynamic Policy NAT.
|
00:29:28 |
|
|
|
Controlling Traffic: Cisco Modular Policy Framework
Of course, one of the primary goals of the Cisco ASA platform is to control network traffic. Cisco has taken this control to an entirely new level with their Modular Policy Framework (MPF) model of configuration. This nugget walks through the concepts behind MPF and demonstrates the three, core configuration items: class-maps, policy-maps, and service policies.
|
00:26:31 |
|
|
|
Controlling Traffic: Cisco Modular Policy Framework, Part 2
In this nugget, Jeremy takes the Cisco Modular Policy Framework (MPF) to an entirely new level as he walks through multiple, practical examples which culminate by walking through Layer 7 (Application Layer) firewall inspection principles and demonstrations. By time you're done here, you'll be saying, "I LOVE REGULAR EXPRESSIONS!!!" (we hope).
|
00:57:42 |
|
|
|
Protocol Inspection: Advanced Protocols
You now know that the Cisco ASA has the ability to look deeper into a packet than simple L3 and L4 data. This nugget discusses the application inspection capabilities of the ASA, focusing on using application inspection with the FTP protocol.
|
00:27:30 |
|
|
|
|
00:41:41 |
|
|
|
Routing and Switching: ASA VLAN Interaction
Cisco ASA Firewalls have the ability to interact with switch VLANs. This opens an entire realm of firewall possibilities from filtering within your corporate network to isolating companies in an off-site hosting facility. This nugget walks through the concepts and configuration behind implementing VLANs using Cisco ASA Firewalls.
|
00:21:14 |
|
|
|
Routing and Switching: Dynamic Routing Protocols
ASA's are routers too! You'll be chanting this mantra once you've completed this nugget which is focused on the configuration of RIP, OSPF, and EIGRP on ASA Firewalls. We've also thrown in a little route redistribution just for fun.
|
00:41:32 |
|
|
|
|
00:44:28 |
|
|
|
VPN Technology: Configuring Site-to-Site VPNs with Digital Certificates
Fasten your seat belts for pure Site-to-Site VPN configuration using Certificate-based authentication! In this nugget, Jeremy goes above and beyond and shows the complete setup of a Microsoft Windows 2003 Certificate Authority (CA) server, installs both CA and Identity certificates on two ASA 5510s, then builds and verifies the Site-to-Site VPN between two locations.
|
00:49:34 |
|
|
|
VPN Technology: Certificate-Based Remote Access VPNs
Now that you've seen the concept of certificate-based site-to-site VPNs, you can now apply the idea to remote access VPNs using the Cisco VPN client! This nugget is nearly all configuration based as Jeremy builds and tests the power of using certificates to authenticate remote access VPN users.
|
00:51:39 |
|
|
|
VPN Technology: Advanced Remote Access VPN Features
Whether you call it "Advanced VPN Features" or "Optional VPN Features," this nugget is full of configurations you can apply to your VPN connections. Topics covered include load balancing, split tunneling, backup ASA servers, NAT Transparency (NAT-T), reverse route injection (RRI), VPN Hairpinning, and personal firewall options.
|
00:36:18 |
|
|
|
VPN Technology: ASA5505 as Easy VPN & VPN Quality of Service
There are many situations where you may find yourself configuring an ASA5505 behind another NAT device (so the outside IP address is private). How do you establish a site-to-site VPN in this situation? That's where Cisco Easy VPN comes to the rescue! This nugget focuses on both Cisco Easy VPN and VPN Quality of Service (QoS).
|
00:35:09 |
|
|
|
SSL VPNs: Understanding SSL / WebVPN Technology
SSL VPNs (or WebVPNs) represent an exciting new development in remote access VPN technology. This nugget is dedicated to describing exactly what this exciting new development means to you along with the three different types of SSL VPNs supported by Cisco: Clientless, Thin Client, and Full Network Access using SVC or Anyconnect.
|
00:25:08 |
|
|
|
SSL VPNs: Configuring Clientless VPNs
In this nugget, Jeremy lives in the live ASDM interface as you are taken through the configuration and demonstration of virtually every option behind Clientless and Thin Client SSL VPN connections.
|
00:53:57 |
|
|
|
SSL VPNs: Configuring Anyconnect VPNs
Cisco Anyconnect dominates completely any other vendor's SSL VPN client. At least, that is Jeremy's unbiased opinion. In this nugget, Jeremy builds upon the previous Clientless SSL VPN by adding the Anyconnect client capability.
|
00:43:00 |
|
|
|
SSL VPNs: Configuring Anyconnect VPNs, Part 2
The Cisco Anyconnect demonstrations continue. This nugget explores the Anyconnect configuration with using client and server certificates generated by the local CA of the Cisco ASA.
|
00:22:33 |
|
|
|
SSL VPNs: Understanding and Installing Cisco Secure Desktop
In order to provide Cisco administrators some control of the "anytime, anywhere" freedom provided by SSL VPNs, Cisco has created the Cisco Secure Desktop (CSD). In this nugget, Jeremy explains the concepts and installation procedure of CSD.
|
00:23:09 |
|
|
|
SSL VPNs: Configuring Cisco Secure Desktop
Feel the TRUE POWER of CSD. This nugget is dedicated to the complete configuration and demonstration of nearly every CSD feature. By time you're done here, you'll be running to implement CSD for your network.
|
00:53:52 |
|
|
|
SSMs: Understanding AIP-SSM and CSC-SSM
In addition to the plethora of core functionality offered by the ASA, Cisco also offers "add on modules" known as Security Service Modules (SSMs). This nugget covers the different SSMs (4GE-SSM, SSM-10, SSM-20) along with the two implementations: CSC-SSM and AIP-SSM.
|
00:43:00 |
