SSNGFW Certification Training

Course Overview

Our 5- day, instructor-led SSNGFW (Securing Networks with Cisco Firepower Next Generation Firewall  v1.0) training and certification boot camp in Washington, DC Metro, Tysons Corner, VA, Columbia, MD or Live Online shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-tosite VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting. It will teach you to do the following:

• Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
• Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
• Describe how to manage traffic and implement quality of service (QoS) using Cisco Firepower Threat Defense
• Describe how to implement NAT by using Cisco Firepower Threat Defense
• Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
• Describe the behavior, usage, and implementation procedure for access control policies
• Describe the concepts and procedures for implementing security intelligence features

Schedule

Program Level

Advanced

Training Delivery Methods

Group Live

Duration

5 Days / 32 hours Training

CPE credits

26 NASBA CPE Credits

Field of Study

Information Technology

Advanced Prep

N/A

Course Registration

Candidates can choose to register for the course by via any of the below methods:

• Email: Sales@phoenixts.com
• Phone: 301-582-8200
• Website: www.phoenixts.com

Upon registration completion candidates are sent an automated course registration email that includes attachments with specific information on the class and location as well as pre-course study and test preparation material approved by the course vendor. The text of the email contains a registration confirmation as well as the location, date, time and contact person of the class.

Online enrolment closes three days before course start date.

On the first day of class, candidates are provided with instructions to register with the exam provider before the exam date.

Complaint Resolution Policy

To view our complete Complaint Resolution Policy policy please click here: Complaint Resolution Policy

Refunds and Cancellations

To view our complete Refund and Cancellation policy please click here:  Refund and Cancellation Policy 

Course Outline

Cisco Firepower Threat Defense Overview

• Examining Firewall and IPS Technology
• Firepower Threat Defense Features and Components
• Examining Firepower Platforms
• Examining Firepower Threat Defense Licensing
• Cisco Firepower Implementation Use Cases

Cisco Firepower NGFW Device Configuration

• Firepower Threat Defense Device Registration
• FXOS and Firepower Device Manager
• Initial Device Setup
• Managing NGFW Devices
• Examining Firepower Management Center Policies
• Examining Objects
• Examining System Configuration and Health Monitoring
• Device Management Examining Firepower High Availability
• Configuring High Availability
• Cisco ASA to Firepower Migration
• Migrating from Cisco ASA to Firepower Threat Defense

Cisco Firepower NGFW Traffic Control

• Firepower Threat Defense Packet Processing
• Implementing QoS
• Bypassing Traffic

Cisco Firepower NGFW Address Translation

• NAT Basics Implementing NAT
• NAT Rule Examples
• Implementing NAT

Cisco Firepower Discovery

• Examining Network Discovery
• Configuring Network Discovery
• Implementing Access Control Policies
• Examining Access Control Policies
• Examining Access Control Policy Rules and Default Action
• Implementing Further Inspection
• Examining Connection Events
• Access Control Policy Advanced Settings
• Access Control Policy Considerations
• Implementing an Access Control Policy

Security Intelligence

• Examining Security Intelligence
• Examining Security Intelligence Objects
• Security Intelligence Deployment and Logging
• Implementing Security Intelligence

File Control and Advanced Malware Protection

• Examining Malware and File Policy
• Examining Advanced Malware Protection

Next-Generation Intrusion Prevention Systems

• Examining Intrusion Prevention and Snort Rules
• Examining Variables and Variable Sets
• Examining Intrusion Policies

Site-to-Site VPN

• Examining IPsec
• Site-to-Site VPN Configuration
• Site-to-Site VPN Troubleshooting Implementing
• Site-to-Site VPN

Remote-Access VPN

• Examining Remote-Access VPN
• Examining Public-Key Cryptography and Certificates
• Examining Certificate Enrollment
• Remote-Access VPN Configuration
• Implementing Remote-Access VPN

SSL Decryption

• Examining SSL Decryption
• Configuring SSL Policies
• SSL Decryption Best Practices and Monitoring

Detailed Analysis Techniques

• Examining Event Analysis
• Examining Event Types
• Examining Contextual Data
• Examining Analysis Tools
• Threat Analysis