CCSP Training

CCSP Online Training

Securing networks on routers and switches (SNRS)

ACL

  • Time-based Access List
  • Reflexive Access List
  • Dynamic Access List
  • Preventing IP Spoofing Using ACL’s and RPF

IOS Services

  • Configuring NAT on Routers
  • Configuring IP TCP Intercept
  • Configuring NTP
  • Disabling Unnecessary Services on the Routers
  • Implementing Quos for Traffic Control and Congestion

Management

  • Configuring CB-WFQ
  • Configuring LLQ
  • Rate-limiting

Using NBAR

  • Using NBAR for CB-WFQ
  • Using NBAR for LLQ
  • Using NBAR for Traffic Analysis

Blocking Attacks Using ACL’s

  • Blocking Fraggle, Smurf and Fragment Attacks
  • IP Spoofing Attacks

Mitigating Layer 2 Attacks

  • Mitigating MAC Spoofing Attacks
  • Mitigating ARP Spoofing Attacks
  • Mitigating Man-in-the-Middle Attacks
  • Preventing VLAN Hopping Attacks
  • Mitigating DHCP Attacks

Preventing DoS Attacks

  • Mitigating DoS attacks using CAR
  • Mitigating DoS and Syn attacks using CBAC
  • Mitigating DoS and Syn attacks using IP TCP Intercept

Mitigating Attacks using NBAR and FPM

  • Blocking HTTP attacks using NBAR
  • Blocking File Transfer Attacks using NBAR
  • Blocking Fragmented UDP Attacks using FPM
  • Blocking TCP SYN Flood Attacks using FPM

Service Provider Security

  • Blocking Attacks using PBR
  • Blocking Attacks Using Remote Triggered Black Hole
  • Troubleshooting

Firewalls – ASA & IOS Firewall

Basic ASA/IOS Configurations

  • Basic Configurations
  • Configure Static and Default Routes
  • Translations using Dynamic NAT/PAT configurations
  • Configuring communications between interface with the same security level interfaces.
  • Configuring Translations
  • Configuring Timeouts and Connection Limits
  • Configuring Management Protocols on the ASA
  • Configuring Service Protocols on the ASA
  • Access Control
  • Object Groups
  • Running RIP on the ASA
  • Running OSPF on the ASA
  • Running EIGRP on the ASA
  • Configuring Multicast Routing on the ASA
  • Configuring Java, ActiveX and URL Filtering

 Advanced ASA Configurations

  • Layer 2 Transparent Firewall
  • Configuring Management on a Transparent Firewall
  • Configuring ACLs on a Transparent Firewall
  • Configuring ARP Inspection on a Transparent Firewall
  • Configuring Failover
  • Configuring State full Failover
  • Configuring Application Aware Inspection
  • Configuring Quos on the ASA
  • Configuring TCP Normalization

Security Contexts and Redundancy

  • Configuring Multiple Contexts
  • Active/Active Failover using Security Contexts
  • Multi-Mode Transparent Firewall
  • Interface Redundancy
  • Route Tracking Using SLA Monitor

IOS Firewall – Basic Configurations

  • Basic IOS Firewall Configurations
  • Tuning DoS attack parameters
  • Enabling Auditing
  • Filtering (Java and URL Filtering)
  • PAM

IOS Firewall – Advanced Configurations

  • Configuring Zone Based Firewall – Creation of Zones
  • Configuring Zone Based Firewall – Configuring Traffic Policies for Inter-zone Traffic
  • Configuring Parameter-Maps for DoS Thresholds and Deep Packet Inspections

Virtual Private Networks (VPN)

LAN to LAN Tunnels – Basic

  • IPSec LAN-to-LAN Router to Router VPN
  • GRE/IPSec Using IPSec Profiles
  • IPSec LAN-to-LAN Router to ASA VPN
  • IPSec LAN-to-LAN Disabling NAT-T thru ASA
  • Multi-Point GRE Tunnel

LAN-to-LAN – Advanced

  • IPSec LAN-to-LAN using DMVPN
  • IPSec LAN-to-LAN with NAT (Overlapping Subnets)
  • High Availability VPN – Without HSRP
  • High Availability VPN – Using HSRP
  • IPSec LAN-to-LAN using GET VPN
  • IPSec LAN-to-LAN using ISAKMP Profiles

EZVPN Configurations

  • EZVPN Router-Router – Client Mode
  • EZVPN Router-Router – Network Extension Mode
  • EZVPN with Router-Cisco VPN Client
  • EZVPN ASA to Router/Cisco VPN client
  • IPSec Hair pinning with EZVPN

IPSec using CA Server

  • IPSec LAN-to-LAN Router Using CA Server
  • DMVPN Using CA Server

SSL VPN

  • SSL VPN on the ASA – Basic
  • SSL VPN on the ASA – Advanced

IPS/IDS

IPS Sensor Configurations – Inline Mode

  • IPS Sensor in Inline Mode
  • Signature Tuning on IPS Sensor
  • Signature Firing – Throttle Parameters
  • Configuring Multiple Virtual Sensors – Inline Mode
  • Custom Signatures
  • Configuring Custom Stream Signatures
  • Configuring Custom Packet Signatures
  • Configuring Custom HTTP Signatures
  • Tuning Fragmentation Parameters on the IPS Sensor
  • Configuring Custom Meta Signature
  • Configuring Custom AIC Signatures

IPS Sensor Tuning

  • Configuring Event Overrides
  • Configuring Event Filtering
  • Configuring SNMP Traps

Access Management

Configuring AAA Authentication for Management Access

  • Configuring AAA Clients on ACS Server
  • Configuring User & Group Accounts on the ACS Server
  • Configuring AAA Authentication on Routers/Switches
  • Configuring AAA Authentication on ASA

Configuring AAA for Command Authorization

  • Configuring AAA Command Authorization for   Routers/Switches
  • Configuring AAA Command Authorization for ASA

Configuring AAA Accounting

  • Configuring AAA Accounting for Router/Switches
  • Configuring AAA Accounting for ASA
  • Configuring AAA Usage Quotas for Users

Configuring Advanced Features

  • Configuring Authorization Proxy on the Router
  • Configuring Authorization Proxy on the ASA
  • Configuring Downloadable ACLS on the ASA
  • Configuring HTTP Authentication & Authorization on the Router

Send Enquiry

Your Name (required)

Your Email (required)

Your Phone No. (required)

Subject

Your Message