Home     Business Solutions    eLearning     Room Rentals    Resources     About Us    Careers    Directions    Contact Us     
Search Courses:



Download our
current catalog!









New Horizons Computer Learning Center
410-597-9722

 

SMN v1.1 - Implementing Security Manager for Cisco Networks

Description

Cisco Security Manager 3.x supports integrated provisioning of VPN and firewall services across IOS routers, PIX, ASA security appliances, IPS, and services modules in Catalyst 6500 switch series and Cisco 7600 router series devices. The resulting learning product, SMN v1.1, is a performance-based course comprised of lessons and lab activities.

Cisco Security Manager centrally provisions all aspects of device configurations and security policies for Cisco firewalls, virtual private networks (VPNs), and Cisco Intrusion Prevention System (IPS). It also supports advanced settings that are not strictly related to security, such as quality of service (QoS) routing and Simple Network Management Protocol (SNMP).

Cisco Security Manager 3.x is suitable for managing small networks consisting of a handful of devices, but also scales to efficiently manage large scale networks consisting of thousands of devices. Scalability is achieved through intelligent policy-based management techniques that can simplify administration.

Objectives

  • Describe the Cisco Security Manager solution, features, and functions
  • Describe how to manage devices in Cisco Security Manager
  • Describe the concept of policies in Cisco Security Manager and how to use and manage them
  • Describe the concept of objects in Cisco Security Manager and how to use and manage them
  • Describe how to use the Map view
  • Describe various services and platform policies that are used to manage site-to-site VPN, remote-access VPN, and SSL VPN
  • Describe various firewall services that are used to manage firewall-related policies
  • Describe how to configure platform policies on firewall devices
  • Describe how to configure platform-specific services and policies on Cisco IPS sensors and Cisco IOS IPS devices
  • Describe how to configure platform policies and interface policies on Cisco IOS routers
  • Describe how to configure platform-specific services and policies on Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Describe the FlexConfig feature and how to use it
  • Describe the process of working with activities and managing deployment in Cisco Security Manager
  • Describe monitoring, troubleshooting, and diagnostic tools that are available in Cisco Security Manager

Prerequisites

  • Cisco CCSP® certification or the equivalent knowledge
  • Passage of the Securing Networks with PIX and ASA exam (642-522 SNPA) and the Securing Networks with Cisco Routers and Switches exam (642-503 SNRS) or equivalent knowledge.
  • Familiarity with implementing network security policies and these networking components and concepts:
    • Security Technologies: NAT, PAT, firewall appliances, VPN, IPS, CSA, ACS, integrated router and switch security and security management software.
    • Security Protocols: AAA, IPSec, IKE, and various tunneling protocols.
    • Application Protocols: HTTP, HTTPS, ICMP, SSH, SSL, NTP, FTP, TFTP, DNS etc.

Who Should Attend

The primary and secondary audience for this course is as follows:

  • Engineers who support sales of Cisco security product solutions
  • Cisco channel partners who sell, implement, and maintain secure networks
  • Cisco customers who implement and maintain secure networks

Course Outline

  • Module 1: Cisco Security Manager Overview
    Lesson 1: Introducing Cisco Security Manager
    • Product Overview
    • Using Cisco Security Manager
    • Installing Cisco Security Manager
    • Working with the Cisco Security Manager User Interface

Lesson 2: Managing Devices

    • Preparing the Devices for Cisco Security Manager to Manage
    • Understanding Device View
    • Adding Devices to the Cisco Security Manager Inventory
    • Working with Devices with Dynamically Assigned IP Addresses
    • Understanding Device Credentials
    • Testing Device Connectivity
    • Understanding Device Properties
    • Understanding Device Grouping

Lesson 3: Managing Policies

    • Understanding Policies
    • Managing Policies in Device View
    • Managing Shared Policies in Policy View
    • Advanced Policy Features
    • Discovering Policies

Lesson 4: Managing Objects

    • Objects Overview
    • Understanding the Policy Object Manager Window
    • Overriding Global Objects for Individual Devices
    • Selecting Objects for Policies

Lesson 5: Using Map View

    • Understanding Maps
    • Displaying Your Network on the Map
    • Managing Firewall Services in Map View
    • Managing VPNs in Map View
    • Managing Device Policies in Map View
  • Module 2: Provisioning Cisco Security Devices
    Lesson 1: Managing Virtual Private Networks
    • Overview of Site-to-Site VPNs
    • Working with VPN Topologies
    • Working with Site-to-Site VPN Policies
    • Overview of Remote-Access VPNs
    • Working with Policies in Remote-Access VPNs

Lesson 2: Managing SSL VPNs

    • Overview of SSL VPNs
    • Configuring SSL VPN on a Cisco IOS Device

Lesson 3: Managing Firewall Services

    • Overview of Managing Firewall Services
    • Managing Rules Tables
    • Understanding Access Rules
    • ACL Settings
    • Inspection Rules
    • AAA Rules
    • Web Filter Rules
    • Transparent Firewall Rules

Lesson 4: Managing Firewall Devices

    • Platform Policies on Firewall Devices

Lesson 5: Managing Cisco IPS Services and Devices

    • Overview of Network Sensing
    • Configuring Interfaces
    • Configuring Signatures
    • Configuring Anomaly Detection
    • Configuring Event Actions
    • Configuring Policies for Cisco IOS IPS Devices
    • Managing Cisco IPS Devices

Lesson 6: Managing Routers

    • Overview of Policy Management on Cisco IOS Routers
    • Working with Platform Policies for Cisco IOS Routers

Lesson 7: Managing Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers

    • Overview of Managing Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    • Managing Policies for Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Module 3: Managing FlexConfigs, Deployment, and Administration in Cisco Security Manager
    Lesson 1: Managing FlexConfigs
    • Understanding FlexConfig
    • Working with FlexConfig Policy Objects

Lesson 2: Managing Activities and Workflow Deployments

    • Understanding Activities
    • Working with Activities
    • Managing Deployment

Lesson 3: Using Monitoring, Troubleshooting, and Diagnostic Tools

    • Using the Tools Menu
    • Using Monitoring, Troubleshooting, and Diagnostic Tools

Lab Outline

  • Pre-Lab Activity: Remote Server and Terminal Server Access
  • Lab 1-1: Device Bootstrap and Connectivity Test
  • Lab 1-2: Device Import
  • Lab 1-3: Interface Role Definitions and Uses
  • Lab 1-4: Policy Object Creation
  • Lab 2-1: Firewall Policy Management: Policy Sharing
  • Lab 2-2: Firewall Policy Management: Policy Inheritance
  • Lab 2-3: NAT and Inspection Rules Configuration
  • Lab 2-4: VPN Deployment Management
  • Lab 2-5: Cisco ASA Virtual Firewall Management
  • Lab 3-1: Device Management with CiscoWorks Auto Update Server

 

6940 Tudsbury Road, Baltimore, MD 21244.nhbaltimore.com
Home     Search     Site Map    Privacy Policy    Contact     Maps/Directions

New Horizons Computer Learning Centers
6940 Tudsbury Road, Baltimore, MD 21244   (410) 597-9722
Copyright © 2005 New Horizons Computer Learning Centers of Baltimore. All rights reserved.