Certified and Advanced Degree
Computer Instructors and Consultants
Course Catalog
SSNGFW-Securing Networks with Cisco Firepower Next Generation Firewall v1.0
Code: SSNGFW 1.0
Duration: 5 Day
$4000 USD

OVERVIEW

The SSNGFW - Securing Networks with Cisco Firepower Next Generation Firewall v1.0 course gives you knowledge and skills to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection.

This course is eligible for 40 Continuing Education Credits (ILT & ELT Modality).

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 5 Day
Classroom

Duration: 5 Day

CLASS SCHEDULE

Delivery Format: Virtual Classroom
Date: Apr 08 2024 - Apr 12 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: May 06 2024 - May 10 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: May 13 2024 - May 17 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: May 20 2024 - May 24 2024 | 11:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jun 03 2024 - Jun 07 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jun 10 2024 - Jun 14 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jun 24 2024 - Jun 28 2024 | 11:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jul 15 2024 - Jul 19 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jul 22 2024 - Jul 26 2024 | 11:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Jul 29 2024 - Aug 02 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Aug 12 2024 - Aug 16 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Aug 19 2024 - Aug 23 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Aug 26 2024 - Aug 30 2024 | 11:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Sep 09 2024 - Sep 13 2024 | 08:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Sep 16 2024 - Sep 20 2024 | 11:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Sep 23 2024 - Sep 27 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Oct 07 2024 - Oct 11 2024 | 11:30 - 19:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Oct 21 2024 - Oct 25 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Oct 28 2024 - Nov 01 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Nov 04 2024 - Nov 08 2024 | 08:30 - 16:30 EST
Location: Online
Course Length: 5 Day

$ 4000

Delivery Format: Virtual Classroom
Date: Nov 18 2024 - Nov 22 2024 | 11:30 - 19:30 EST
Location: Online
Course Length: 5 Day

$ 4000

GOALS
  • Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
  • Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
  • Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
  • Describe how to implement NAT by using Cisco Firepower Threat Defense
  • Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
  • Describe the behavior, usage, and implementation procedure for access control policies
  • Describe the concepts and procedures for implementing security intelligence features
  • Describe Cisco Advanced Malware Protection (AMP) for Networks and the procedures for implementing file control and advanced malware protection
  • Implement and manage intrusion policies
  • Describe the components and configuration of site-to-site VPN
  • Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect
  • Describe SSL decryption capabilities and usage
  • Implement Cisco Firepower NGFW to provide advanced threat protection before, during, and after attacks
  • Gain leading-edge skills for high-demand responsibilities focused on security

 

You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.

This course helps you prepare to take the Securing Networks with Cisco Firepower (300-710 SNCF) exam, which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, SSFIPS - Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System v4.0. You can take these courses in any order.

OUTLINE

  • Cisco Firepower Threat Defense Overview
    • Examining Firewall and IPS Technology
    • Firepower Threat Defense Features and Components
    • Examining Firepower Platforms
    • Examining Firepower Threat Defense Licensing
    • Cisco Firepower Implementation Use Cases
  • Cisco Firepower NGFW Device Configuration
    • Firepower Threat Defense Device Registration
    • FXOS and Firepower Device Manager
    • Initial Device Setup
    • Managing NGFW Devices
    • Examining Firepower Management Center Policies
    • Examining Objects
    • Examining System Configuration and Health Monitoring
    • Device Management
    • Examining Firepower High Availability
    • Configuring High Availability
    • Cisco ASA to Firepower Migration
    • Migrating from Cisco ASA to Firepower Threat Defense
  • Cisco Firepower NGFW Traffic Control
    • Firepower Threat Defense Packet Processing
    • Implementing QoS
    • Bypassing Traffic
  • Cisco Firepower NGFW Address Translation
    • NAT Basics
    • Implementing NAT
    • NAT Rule Examples
    • Implementing NAT
  • Cisco Firepower Discovery
    • Examining Network Discovery
    • Configuring Network Discovery
  • Implementing Access Control Policies
    • Examining Access Control Policies
    • Examining Access Control Policy Rules and Default Action
    • Implementing Further Inspection
    • Examining Connection Events
    • Access Control Policy Advanced Settings
    • Access Control Policy Considerations
    • Implementing an Access Control Policy
  • Security Intelligence
    • Examining Security Intelligence
    • Examining Security Intelligence Objects
    • Security Intelligence Deployment and Logging
    • Implementing Security Intelligence
  • File Control and Advanced Malware Protection
    • Examining Malware and File Policy
    • Examining Advanced Malware Protection
  • Next-Generation Intrusion Prevention Systems
    • Examining Intrusion Prevention and Snort Rules
    • Examining Variables and Variable Sets
    • Examining Intrusion Policies
  • Site-to-Site VPN
    • Examining IPsec
    • Site-to-Site VPN Configuration
    • Site-to-Site VPN Troubleshooting
    • Implementing Site-to-Site VPN
  • Remote-Access VPN
    • Examining Remote-Access VPN
    • Examining Public-Key Cryptography and Certificates
    • Examining Certificate Enrollment
    • Remote-Access VPN Configuration
    • Implementing Remote-Access VPN
  • SSL Decryption
    • Examining SSL Decryption
    • Configuring SSL Policies
    • SSL Decryption Best Practices and Monitoring
  • Detailed Analysis Techniques
    • Examining Event Analysis
    • Examining Event Types
    • Examining Contextual Data
    • Examining Analysis Tools
    • Threat Analysis
  • System Administration
    • Managing Updates
    • Examining User Account Management Features
    • Configuring User Accounts
    • System Administration
  • Cisco Firepower Troubleshooting
    • Examining Common Misconfigurations
    • Examining Troubleshooting Commands
    • Firepower Troubleshooting

 

  • Cisco Firepower Threat Defense Overview
    • Examining Firewall and IPS Technology
    • Firepower Threat Defense Features and Components
    • Examining Firepower Platforms
    • Examining Firepower Threat Defense Licensing
    • Cisco Firepower Implementation Use Cases
  • Cisco Firepower NGFW Device Configuration
    • Firepower Threat Defense Device Registration
    • FXOS and Firepower Device Manager
    • Initial Device Setup
    • Managing NGFW Devices
    • Examining Firepower Management Center Policies
    • Examining Objects
    • Examining System Configuration and Health Monitoring
    • Device Management
    • Examining Firepower High Availability
    • Configuring High Availability
    • Cisco ASA to Firepower Migration
    • Migrating from Cisco ASA to Firepower Threat Defense
  • Cisco Firepower NGFW Traffic Control
    • Firepower Threat Defense Packet Processing
    • Implementing QoS
    • Bypassing Traffic
  • Cisco Firepower NGFW Address Translation
    • NAT Basics
    • Implementing NAT
    • NAT Rule Examples
    • Implementing NAT
  • Cisco Firepower Discovery
    • Examining Network Discovery
    • Configuring Network Discovery
  • Implementing Access Control Policies
    • Examining Access Control Policies
    • Examining Access Control Policy Rules and Default Action
    • Implementing Further Inspection
    • Examining Connection Events
    • Access Control Policy Advanced Settings
    • Access Control Policy Considerations
    • Implementing an Access Control Policy
  • Security Intelligence
    • Examining Security Intelligence
    • Examining Security Intelligence Objects
    • Security Intelligence Deployment and Logging
    • Implementing Security Intelligence
  • File Control and Advanced Malware Protection
    • Examining Malware and File Policy
    • Examining Advanced Malware Protection
  • Next-Generation Intrusion Prevention Systems
    • Examining Intrusion Prevention and Snort Rules
    • Examining Variables and Variable Sets
    • Examining Intrusion Policies
  • Site-to-Site VPN
    • Examining IPsec
    • Site-to-Site VPN Configuration
    • Site-to-Site VPN Troubleshooting
    • Implementing Site-to-Site VPN
  • Remote-Access VPN
    • Examining Remote-Access VPN
    • Examining Public-Key Cryptography and Certificates
    • Examining Certificate Enrollment
    • Remote-Access VPN Configuration
    • Implementing Remote-Access VPN
  • SSL Decryption
    • Examining SSL Decryption
    • Configuring SSL Policies
    • SSL Decryption Best Practices and Monitoring
  • Detailed Analysis Techniques
    • Examining Event Analysis
    • Examining Event Types
    • Examining Contextual Data
    • Examining Analysis Tools
    • Threat Analysis
  • System Administration
    • Managing Updates
    • Examining User Account Management Features
    • Configuring User Accounts
    • System Administration
  • Cisco Firepower Troubleshooting
    • Examining Common Misconfigurations
    • Examining Troubleshooting Commands
    • Firepower Troubleshooting

 

LABS

  • Initial Device Setup
  • Device Management
  • Configuring High Availability
  • Migrating from Cisco ASA to Cisco Firepower Threat Defense
  • Implementing QoS
  • Implementing NAT
  • Configuring Network Discovery
  • Implementing an Access Control Policy
  • Implementing Security Intelligence
  • Implementing Site-to-Site VPN
  • Implementing Remote Access VPN
  • Threat Analysis
  • System Administration
  • Firepower Troubleshooting
  • Initial Device Setup
  • Device Management
  • Configuring High Availability
  • Migrating from Cisco ASA to Cisco Firepower Threat Defense
  • Implementing QoS
  • Implementing NAT
  • Configuring Network Discovery
  • Implementing an Access Control Policy
  • Implementing Security Intelligence
  • Implementing Site-to-Site VPN
  • Implementing Remote Access VPN
  • Threat Analysis
  • System Administration
  • Firepower Troubleshooting
WHO SHOULD ATTEND
  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Cisco integrators and partners
PREREQUISITES

  • Knowledge of TCP/IP and basic routing protocols
  • Familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts