ASA Security

ASA Security – speciální kurz zaměřený na platformu Cisco ASA

V praxi se velice často používají originální anglické názvy jednotlivých protokolů/konceptů ap. Překlad názvů by byl na škodu a proto jsou v seznamu témat jednotlivých kurzů níže použity původní anglické názvy přesně tak, jak odpovídají jednotlivým kapitolám.

ASA Security

* ASA Advanced Introduction
System Maintenance (Licences, Remote Management, System Monitoring and Troubleshooting)
Firewall (Traffic Filtering, Advanced ACL Features)

* Site-to-Site IPSec VPN
Configuration ISAKMP, IPSec policy, Crypto map
Advanced Features, IKEv2, Bypass NAT, L2TP over IPSec
Deployment Scenarios single site-to-site tunnel, fully meshed topology with RRI (Reverse Route Injection)
Monitoring and Troubleshooting, show, debug, logging, asdm

* IPSec Remote-Access VPN
Configuration ISAKMP, IPSec policy, Crypto map
Advanced Features, NAT-T, TCP/UDP encapsulation, split tunneling, AnyConnect client
Deployment Scenarios software-based and hardware-based clients, Easy VPN
Monitoring and Troubleshooting, show, debug. logging, asdm

* Clientless Remote-Access SSL VPN
Configuration digital certification, tunnel and group polices, user authentication, webvpn
Advanced Features, DAP Dynamic Access Polices, Web-Type ACL, port forwarding
Deployment Scenarios of Web VPN, DAP
Monitoring and Troubleshooting, show, debug, logging, asdm

* Client-Based Remote-Access SSL VPN
Configuration
Advanced Features, split tunneling, AnyConnect client
Deployment Scenarios of AnyConnect client
Monitoring and Troubleshooting, show debug, logging, asdm

* Security Context
System Exacution Space, Admin Context, User Context
Configuration multiple contexts, ASDM, CLI
Advanced Features, Resource management memory, cpu, throughput, bandwidth
Deployment Scenarios use non-shared and shared interface
Monitoring and Troubleshooting, show, debug, logging, asdm

* Failover and Redundancy
Architectural Overview, Interface, Active/Stanby, Active/Active
Configuration Failover, ASDM, CLI
Advanced Features, Stateful failover, Auto update server support
Deployment Scenarios Active/Standby failover in single mode, Active/Active failover in multiple contexts
Monitoring and Troubleshooting, show, debug, logging, asdm

* Practice
VPN, Security Context, Failover

*ASA 8.4 new features
ping tcp
EtherChannel support (ASA 5510 and higher)
IKEv2
AnyConnect with IPSec Capability
Stateful Failover with Dynamic Routing Protocol