Log On/Register  

855.838.5028

Cisco - FirePOWER 6.1 Advanced Administration

Duration: 3 Days
Course Price: $3,995

Course Description

Learn the Firepower Management Center 6.1 using the ASA with FirePOWER and understand how the Firepower Threat Defense (FTD) can be used in your organizations security posture.

Course Objectives

Upon completion of this course, you should be able to:

  • Understand Sourcefire, Firepower 6.1, FireAMP, and Firepower Threat Defense (FTD)
  • Install Firepower on a Cisco ASA
  • Install & Configure the Firepower (SFR) Services Modules and Management Center (FMC)
  • Manage the Firepower Manager and Firepower Threat Defense (FTD)
  • Describe the Cisco Firepower systems infrastructure
  • Navigate the user interface and administrative features of the Cisco Firepower 6.1 system, including advanced analysis and reporting functionality to properly assess threats
  • Describe how to deploy and manage Firepower modules in ASA’s, Meriaki firewalls, ISRG2 routers and Cisco appliances
  • Describe the System and Health policies and implement them
  • Describe the role Network Discovery (Firepower) technology plays in the Cisco devices
  • Describe, create, and implement objects for use in Access Control policies
  • Create DNS and URL policies and configure Sinkholes
  • Describe advanced policy configuration and Firepower system configuration options
  • Configure Malware Policies to find and stop Malware and to find and stop Ransomware
  • Understand how to fine tune IPS policies and fine tune Snort Preprocessor policies
  • Configure Correlation events, white rules, traffic profiles and create respective events and remediate and analyze events
  • Create and schedule reporting templates
  • Configure backups, rule updates, Firepower Recommendations, URL updates, and more to run every week automatically
  • Set up external authentication for users using LDAP, AD and the Sourcefire User Agent (SFUA)
  • Configuring system integration, realms, and identity sources

Course Description

Learn the Firepower Management Center 6.1 using the ASA with FirePOWER and understand how the Firepower Threat Defense (FTD) can be used in your organizations security posture.

Course Objectives

Upon completion of this course, you should be able to:

  • Understand Sourcefire, Firepower 6.1, FireAMP, and Firepower Threat Defense (FTD)
  • Install Firepower on a Cisco ASA
  • Install & Configure the Firepower (SFR) Services Modules and Management Center (FMC)
  • Manage the Firepower Manager and Firepower Threat Defense (FTD)
  • Describe the Cisco Firepower systems infrastructure
  • Navigate the user interface and administrative features of the Cisco Firepower 6.1 system, including advanced analysis and reporting functionality to properly assess threats
  • Describe how to deploy and manage Firepower modules in ASA’s, Meriaki firewalls, ISRG2 routers and Cisco appliances
  • Describe the System and Health policies and implement them
  • Describe the role Network Discovery (Firepower) technology plays in the Cisco devices
  • Describe, create, and implement objects for use in Access Control policies
  • Create DNS and URL policies and configure Sinkholes
  • Describe advanced policy configuration and Firepower system configuration options
  • Configure Malware Policies to find and stop Malware and to find and stop Ransomware
  • Understand how to fine tune IPS policies and fine tune Snort Preprocessor policies
  • Configure Correlation events, white rules, traffic profiles and create respective events and remediate and analyze events
  • Create and schedule reporting templates
  • Configure backups, rule updates, Firepower Recommendations, URL updates, and more to run every week automatically
  • Set up external authentication for users using LDAP, AD and the Sourcefire User Agent (SFUA)
  • Configuring system integration, realms, and identity sources

 

Module 1: Introduction: FirePOWER Overview

Module 2: Understanding managed devices and the FMC

Module 3: Configuring and applying the System Configuration

Module 4: Configuring and applying Health Polices

Module 5: Creating Objects

Module 6: Module Malware/File Policy

Module 7: Identity Policy

Module 8: FirePOWER Threat Defense

Module 9: IPS policies

Module 10: Access control Policies

Module 11: Network Discovery Policy (FirePOWER)

Module 12: User Management

Module 13: Intrusion Event Analysis

Module 14: Snort Preprocessors

Module 15: Correlation policies/White Lists/Traffic Profiles

Module 16: URL and DNS Policies

Module 17: Reporting and Task Management

 

LABS

  • Lab 1: Lab layout and logging into your equipment
  • Lab 2: Configuring your managed device to associate to a FirePOWER Management Center (FMC)
  • Lab 3: Logging into the FMC
  • Lab 4: Adding a managed device to the FMC and configuring Application Bypass
  • Lab 5: Platform Settings. Creating a System policy and applying it to the managed device
  • Lab 6: Creating a Health policy and applying it to the managed device
  • Lab 7: Viewing Health information
  • Lab 8: Creating Network Objects
  • Lab 9: Creating and implementing a Malware/File Policy
  • Lab 10: Setting up LDAP and the SFUA
  • Lab 11: Creating an Identity policy
  • Lab 12: Bring your FTD device into the FMC
  • Lab 13: Configuring Interface
  • Lab 14: Configuring ACL’s and more
  • Lab 15: Creating an IPS Policy
  • Lab 16: Creating an Access control policy and adding your File and IPS policies
  • Lab 17: Configuring a Discovery Policy and applying it to your managed device
  • Lab 18: Configuring LDAP and the Sourcefire User Agent (SFUA)
  • Lab 19: Setting up FirePOWER Recommended Rules
  • Lab 20: Viewing Connection Events
  • Lab 21: Viewing the FirePOWER discovered Network Map
  • Lab 22: Creating Host Attributes
  • Lab 23: Configuring a user in the local database
  • Lab 24: Configuring Permission Escalation
  • Lab 25: Configuring external user authentication
  • Lab 26: Intrusion Event Analysis
  • Lab 27: FirePOWER Analysis
  • Lab 28: Modifying the HTTP Configuration Preprocessor
  • Lab 29: Enabling Inline Normalization and Adaptive Profiles
  • Lab 30: Demonstrate the Validation of Preprocess Setting on Policy Commit
  • Lab 31: Create and implement a Correlation rule, White List and Traffic Profiles
  • Lab 32: Configuring a URL and DNS Filter
  • Lab 33: Creating multiple custom reports and scheduling the reports
Learn More
Please type the letters below so we know you are not a robot (upper or lower case):