Questo corso fornisce al partecipante una conoscenza approfondita dello strumento di difesa Cisco Firepower Threat Defense system.
Questo corso pratico offre le competenze per utilizzare e configurare la tecnologia Cisco Firepower Threat Defense, a partire dalla configurazione iniziale fino alle tematiche di routing, high availability, traffic control, e Network Address Translation (NAT).
Si imparerà come implementare le funzionalità avanzate NGFW (Next-Generation Firewall), tra cui network intelligence, file type detection, network-based malware detection, e deep packet inspection. Si affronteranno altri ambiti come configurare site-to-site VPN, remote-access VPN, e SSL decryption prima di passare all’analisi dettagliata e alla risoluzione dei problemi.
Si consiglia la partecipazione al Corso Cisco CCNA e al Corso Cisco Cybersecurity.
Cisco Firepower Threat Defense Overview
- Examining Firewall and IPS Technology
- Firepower Threat Defense Features and Components
- Examining Firepower Platforms
- Examining Firepower Threat Defense Licensing
- Cisco Firepower Implementation Use Cases
Firepower NGFW Device Configuration
- Firepower Threat Defense Device Registration
- FXOS and Firepower Device Manager
- Initial Device Setup
- Managing NGFW Devices
- Examining Firepower Management Center Policies
- Examining Objects
- Examining System Configuration and Health Monitoring
- Device Management
- Examining Firepower High Availability
- Configuring High Availability
- Cisco ASA to Firepower Migration
- Migrating from Cisco ASA to Firepower Threat Defense
Firepower NGFW Traffic Control
- Firepower Threat Defense Packet Processing
- Implementing QoS
- Bypassing Traffic
- Implementing QoS
Firepower NGFW Address Translation
- NAT Basics
- Implementing NAT
- NAT Rule Examples
- Implementing NAT
Firepower Discovery
- Examining Network Discovery
- Configuring Network Discovery
Implementing Access Control Policies
- Examining Access Control Policies
- Examining Access Control Policy Rules and Default Action
- Implementing Further Inspection
- Examining Connection Events
- Access Control Policy Advanced Settings
- Access Control Policy Considerations
- Implementing an Access Control Policy
Security Intelligence
- Examining Security Intelligence
- Examining Security Intelligence Objects
- Security Intelligence Deployment and Logging
- Implementing Security Intelligence
File Control and Advanced Malware Protection
- Examining the Malware and File Policy
- Examining Advanced Malware Protection
Next-Generation Intrusion Prevention Systems
- Examining Intrusion Prevention and Snort Rules
- Examining Variables and Variable Sets
- Examining Intrusion Policies
Site-to-Site VPN
- Examining IPsec
- Site-to-Site VPN Configuration
- Site-to-Site VPN Troubleshooting
- Implementing Site-to-Site VPN
Remote-Access VPN
- Examining Remote-Access VPN
- Examining Public-Key Cryptography and Certificates
- Examining Certificate Enrollment
- Remote-Access VPN Configuration
- Implementing Remote-Access VPN
SSL Decryption
- Examining SSL Decryption
- Configuring SSL Policies
- SSL Decryption Best Practices and Monitoring
Detailed Analysis Techniques
- Examining Event Analysis
- Examining Event Types
- Examining Contextual Data
- Examining Analysis Tools
- Threat Analysis
System Administration
- Managing Updates
- Examining User Account Management Features
- Configuring User Accounts
- System Administration
Firepower Troubleshooting
- Examining Common Misconfigurations
- Examining Troubleshooting Commands
- Firepower Troubleshooting
Laboratori
- Initial Device Setup
- Device Management
- Configuring High Availability
- Migrating from Cisco ASA to Cisco Firepower Threat Defense
- Implementing QoS
- Implementing NAT
- Configuring Network Discovery
- Implementing an Access Control Policy
- Implementing Security Intelligence
- Implementing Site-to-Site VPN
- Implementing Remote Access VPN
- Threat Analysis
- System Administration
- Firepower Troubleshooting
Corso di preparazione al conseguimento della
Certificazione Cisco CCNP Security SNCF
Esame 300-710 Parte della Certificazione Cisco CCNP Security
Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW)