CISCO - CCSP - PIX Firewall Training CSPFA (642-521)


The Cisco Secure PIX Firewall Advanced (CSPFA) exam (642-521) is one of five required for the Cisco Security Specialist. In the Cisco PIX Firewall training course from ATS, you’ll learn how to define and describe network firewall security procedures and how they work specifically with Cisco PIX firewalls. Expert instructor Michael Storm will demonstrate how to configure PIX firewall interfaces, protocols and attack guards to protect networks from security threats that may arrive via Internet traffic. At the conclusion of this training course you will be prepared to pass the Cisco Secure PIX Firewall Advanced exam.

Course Outline

Module 1
Section A: Introduction Network Threats Certifications CCIP Course Focus
Section B: Security Threats/Solutions Types of Threats Attack Types Security Process Security Wheel Security Network Monitor Test/Improve SAFE Framework
Section C: Firewall Technologies Overview Bastion Host Firewall Perimeter Network Categories Packet Filters Proxy Filters Stateful Packet
Section D: PIX Firewall Features Overview ASA Firewall Traffic Large Enterprise Med/Large Enterprise Med/Small Enterprise Small Enterprise
Section E: PIX Maintenance Accessing Basic Commands Configuration/Testing New OS Install Monitor Mode Upgrade OS Password Recovery
Section F: Upgrade PIX OS Show Version New PIX Upgrade New PIX PW Recovery Boot Recovery Disk Old PIX PW Recovery
Section G: ASA Security Rules Configuration Concepts Security Levels Traffic Flow Rules Interface Associations Using Security Levels Advantages Algorithm Conduits

Module 2
Section A: ASA Operations Negotiations Translation Address Assignment Response Packets
Section B: Six Basic Commands Overview Nameif Interface IP Address NAT Global Route View Configuration
Section C: Configure PIX Firewall Basic Lab Security Levels Interface Info IP Addresses Route Address Translation Save/Verify
Section D: Translation Rules TCP/IP Conversations Inside to Outside Outside to Inside Static Conduit Static/Conduit Example Using ACLs Additional Features
Section E: NAT and PAT Address Allocation NAT Types Address Management NAT/PAT Limitations NAT Configurations PIX Configuration Managing Translations Managing Connections
Section F: PIX Device Manager Overview PDM 2.1x Features PDM 3.0 Features Requirements Install/Upgrade Prepare for PDM Download PDM

Module 3
Section A: Configure PIX with PDM Load PDM PDM Startup Wizard Save Configuration Access/Translation Hosts/Networks Static Translations Create an ACL System Properties
Section B: Object Grouping Overview Use Object Group ICMP Groups Network Groups Protocol Groups Service Groups Nesting Groups Groups in PDM
Section C: Syslog Overview Configuring Syslog Logging Levels
Section D: Cut-Through Proxy AAA Support Security Architecture AAA Technology Remote Security DB Secure ACS Install ACS Advanced Options
Section E: CSACS Configuration ACS Interface Create User Group Setup
Section F: AAA Configuration Overview Authentication Configure Authorization Enable Authentication Accounting Verification Commands
Section G: Advanced Protocol Handling Overview Protocol Operations FTP Protocol Rsh Protocol SQL*Net Protocol Configure Fixup

Module 4
Section A: Multimedia Operation Overview Firewall Functions Enable Multimedia Add Protocols New Version Support
Section B: Attack Guard Mail Guard DNS Guard Frag/Flood Guard Other Options Websense
Section C: Service Configuration DHCP Server DHCP Config. Steps Config. Example Intrusion Detection IDS Configuration PDM Service Config. Setup PDM IDS Verify Audit
Section D: Failover Overview Failover Events Failover Transfer Failover Communication Monitoring/Testing Failover Types Failover Example Failover Configuration
Section E: IPSec/VPN Overview VPN Topologies VPN Scenarios IPSec IPSec Standards More IPSec Standards Security Associations
Section F: IPSec Process Overview IPSec Modes IPSec Protection Scaling IPSec Networks Supported CA Servers

Module 5
Section A: Configuring IPSec Overview Create IKE Policies Pre-shared Keys Crypto Access Lists Transform Sets Crypto Maps Verify Configuration
Section B: Scaling IPSec Configure CA Sample CA Verify/Update CA
Section C: Configuring PIX VPN Create Access Lists ISAKMP Policy Crypto Map Check Configuration
Section D: PPPoE/VPN with PDM PPPoE PPPoE on PIX Create Site-to-Site IPSec IKE Policy Remote Access VPN Authentication Authorization
Section E: Configuring CSIS IOS Firewall IDS Configuration CBAC CBAC Configuration ACL Filtering Lock-and-Key Prevent DoS Attacks Logging Events
Section F: Authentication Proxy Overview Configuring Auth-Proxy Add Auth-Proxy Custom Attributes AAA & Auth-Pro

Module 6
Section A: Version 6.3 · Technology Updates · 6.3 vs. 6.2 · 6.3 Additional Features · Enhanced Security · Other Support
Section B: Security & Licensing · Conduits to ACLs · Conduits vs. ACLs · Conversion Tools · Licensing Process · Licensing Options · Activation Key
Section C: 6.3 VPN Enhancements · AES · AES Cipher Process · NAT Traversal for IPSec · Enable PIX NAT-T · Management Tools · VPN Wizard · VPDN Mode Configuration
Section D: Enterprise-Level PIX · FWSM · FWSM Requirements · Enterprise Management · Install Mgmt. Console · Prepare PIX Firewall · Management Center
Section E: Workflow in MC · Basic User Taskflow · Workflow/Tasks · Implement Steps · Create Activity · Import/Create Device · View Settings · Access Rules · Deploy Configuration
Section F: Auto Update Server · Setup AUS · Using Auto Update · Reporting · Administration

Price Per User £ 810 (Bundle of 6)

Complementary Courses
Cisco VPN Security
Cisco CSIDS Intrusion Detection Systems
Cisco SAFE CSI Security

<<Back <<Contact Us