Cisco CCNP Security Firepower - Securing Networks Cisco Firepower Next Gen Firewall (SSNGFW) / Securing Networks Cisco Firepower Next Gen IPS (SSFIPS)
Start Date - End Date April 10 - April 18, 2023
Address 467 Herndon Pkwy
City HerndonState VA
Download the complete PDF for this course to see the detailed course outline.
Course Overview
thinQtank® Learning is offering a unique nine-day training camp comprised of five days of instructor-led learning for Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) and Securing Networks with Cisco Firepower Next Generation IPS (SSFIPS). As with all of our Cisco Training Experiences - exams are delivered in the classroom.
SSNGFW
This portion of the course prepares students with the knowledge and skills to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). Students will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. Students will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.
SSFIPS
This portion of the course gives students the knowledge and skills to use the NGIPS platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more.
This course helps students prepare to take the Securing Networks with Cisco Firepower (300-710 SNCF) exam, which leads to CCNP Security and Cisco Certified Specialist - Network Security Firepower certifications.
Our Learning Exclusive
In our classroom, students receive gigabytes of take-home CBT and lab material with over four-hundred labs to keep practicing and refining the skills learned in the classroom. Additionally, our students receive:
■ thinQtank® Learning Accelerated Custom Exam Study Guide for the ENCORE and ENARSI exams
■ Exam delivery in classroom with 98% success
■ Custom and focused exam preparation software and materials
■ Course specific thinQtank® Learning publications to promote a fun and exciting learning
■ Membership to the thinQtank® Learning University Online
■ WE DO NOT "TEACH THE TEST" - Students will receive valuable examples and discussion
■ Receive all reading material and study guides when you register
■ All courses taught by CCIE Certified instructors
Course Objectives SSNGFW
After taking this portion of the course, students should be able to:
■ Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
■ Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
■ Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
■ Describe how to implement NAT by using Cisco Firepower Threat Defense
■ Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
■ Describe the behavior, usage, and implementation procedure for access control policies
■ Describe the concepts and procedures for implementing security intelligence features
■ Describe Cisco Advanced Malware Protection (AMP) for Networks and the procedures for implementing file control and advanced malware protection
■ Implement and manage intrusion policies
■ Describe the components and configuration of site-to-site VPN
■ Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect
■ Describe SSL decryption capabilities and usage
■ Implement Cisco Firepower NGFW to provide advanced threat protection before, during, and after attacks
■ Gain leading-edge skills for high-demand responsibilities focused on security
Course Objectives SSFIPS
After taking this portion of the course, students should be able to:
■ Implement Cisco Firepower Next-Generation IPS to stop threats, address attacks, increase vulnerability prevention against suspicious files, and analyze for not-yet-identified threats
■ Gain leading-edge skills for high-demand responsibilities focused on security
■ Describe the components of Cisco Firepower Threat Defense and the managed device registration process
■ Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery
■ Implement access control policies and describe access control policy advanced features
■ Configure security intelligences features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection
■ Implement and manage intrusion and network analysis policies for NGIPS inspection
■ Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center
■ Integrate the Cisco Firepower Management Center with an external logging destination
■ Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy
■ Describe key Cisco Firepower Management Center software update and user account management features
■ Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device
Exclusive Package Ensuring Success
■ Additional hours of remote lab access
■ Custom video recordings with even more in-depth learning of course topics
■ Customized practice exam software
■ Digital courseware
■ Retake any or all portions of the course as many times as you like in person or live on-line for 24 months
■ Six months mentoring access to CCIE engineers after completing the course
Course Duration
■ Nine days of instructor-led learning
■ Five days SSNGFW and four days SSFIPS
■ 60% lecture, 40% hands-on labs
Prerequisites
■ Knowledge of TCP/IP and basic routing protocols
■ Familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts
■ Basic familiarity with the concepts of Intrusion Detection Systems (IDS) and IPS
Target Audience
■ Security administrators
■ Security consultants
■ Network administrators
■ System engineers
■ Technical support personnel
Exam Information
■ 300-710 - Securing Networks with Cisco Firepower (SNCF)
Delivery Methods
■ Instructor-Led Training
■ Immersive Live-Online Training
■ On-Site and Custom Delivery