Network Security (Cisco)

Network Security

As organizations accelerate their interest in Internet business solutions, they need qualified professionals who possess the skills necessary to ensure the security of all network-based transactions. This Cisco Security training will improve your skills and knowledge in three key areas of network security: firewalls, intrusion detection systems, and virtual private networks.

This course will prepare students for the Securing Cisco IOS Networks and Cisco Secure PIX Firewall Advanced certification exams. In addition, the course also maps to the CompTIA Security+ certification.

Audience

Completion of CCNA course 4 or CCNA certification is a prerequisite. A Cisco Security candidate should also have 2 years of experience working in a network operations role.

Course Schedule - From the two pull down windows:

1. Select Term

2. Select 'CNT' for your Academic Department

Tuition covers the cost of the course. Books, certification exams, and other materials must be paid by the student. For more information on a payment plan, contact Lynn Mesna at 651-450-8578.

Class Descriptions

Network Security Outline

Module 1—Overview of Network Security

OVERVIEW OF NETWORK SECURITY
WEAKNESSES, THREATS AND IMPROPER USE OF THE NETWORK
SECURITY FRAMEWORK & POLICY
SECURITY PRODUCTS AND SOLUTION

Module 2 General Router Security

GENERAL ROUTER AND SWITCH SECURITY
DISABLE UNNEEDED SERVICES
SECURING THE PERIMETER ROUTER
ROUTER MANAGEMENT
SECURING SWITCHES AND LAN ACCESS

Module 3 ACLs and CBAC

ACCESS CONTROL LISTS
TYPES OF IP ACLS
CONTENT BASED ACCESS CONTROL (CBAC)
CONFIGURE CBAC (TASK 1 AND 2)
TASK 3: PORT-TO-APPLICATION MAPPING (PAM)
TASK 4: DEFINE INSPECTION RULES
TASK 6: TEST AND VERIFY CBAC

Module 4 Router AAA Security

AAA SECURES NETWORK ACCESS
NETWORK ACCESS SERVER (NAS) AAA AUTHENTICATION PROCESS
CISCO SECURE ACS
AAA SERVERS OVERVIEW AND CONFIGURATION
THE CISCO IOS FIREWALL AUTHENTICATION PROXY

Module 5 Router Intrusion Detection, Monitoring and Management

CISCO IOS FIREWALL IDS
INITIALIZE, CONFIGURE AND VERIFY CISCO IOS FIREWALL IDS
MONITORING WITH LOGGING AND SYSLOG
SNMP
MANAGING THE ROUTER
SECURITY DEVICE MANAGER

Module 6 Router Site to Site VPN

VIRTUAL PRIVATE NETWORKS
IOS CRYPTOSYSTEM
IPSEC
SITE-TO-SITE IPSEC VPN USING PRE-SHARED KEYS
DIGITAL CERTIFICATES
CONFIGURE SITE-TO-SITE IPSEC VPN USING DIGITAL CERTIFICATES

Module 7 Remote Access and VPN

REMOTE ACCESS VPN
CISCO EASY VPN
CISCO VPN 3.5 CLIENT
VPN ENTERPRISE MANAGEMENT

Module 8 PIX Security Appliance

INTRODUCTION TO FIREWALLS
THE CISCO PIX SECURITY APPLIANCE
GETTING STARTED
ROUTING CONFIGURATION
PIX DYNAMIC HOST CONTROL PROTOCOL (DHCP)

Module 9 PIX Translations and Connections

TRANSPORT PROTOCOLS
NETWORK ADDRESS TRANSLATIONS
CONFIGURING DNS SUPPORT
CONNECTIONS
PORT ADDRESS TRANSLATION (PAT)
MULTIPLE INTERFACES ON A PIX FIREWALL

Module 10 Access Control Lists and the PIX Security Appliance

ACCESS CONTROL LISTS AND THE PIX SECURITY APPLIANCE
USING ACLS
FILTERING
OBJECT GROUPING
NESTED OBJECT GROUPS

Module 11 PIX Security Appliance AAA

AAA
AUTHENTICATION CONFIGURATION
AUTHORIZATION AND ACCOUNTING CONFIGURATION
PPPOE AND THE PIX SECURITY APPLIANCE

Module 12 PIX IDS

ADVANCED PROTOCOLS
MULTIMEDIA SUPPORT
ATTACK GUARDS
INTRUSION DETECTION
SHUNNING
SYSLOG CONFIGURATION ON THE PIX
SNMP

Module 13 PIX Failover and System Maintenance

UNDERSTANDING FAILOVER
FAILOVER CONFIGURATION WITH A FAILOVER SERIAL CABLE
LAN-BASED FAILOVER
SYSTEM MAINTENANCE VIA REMOTE ACCESS
COMMAND AUTHORIZATION
PIX MANAGEMENT TOOLS
PASSWORD RECOVERY, IMAGE UPGRADES, AND ACTIVATION KEYS

Module 14 PIX VPNs

THE PIX SECURITY APPLIANCE ENABLES A SECURE VPN
TASKS TO CONFIGURE VPN

TASK 1—PREPARE TO CONFIGURE VPN SUPPORT
TASK 2—CONFIGURE IKE PARAMETERS
TASK 3—CONFIGURE IPSEC ARAMETERS
TASK 4—TEST AND VERIFY VPN CONFIGURATION

THE CISCO VPN CLIENT
SCALE PIX VPNS

Module 15—PIX Device Manager

THE CISCO PIX DEVICE MANAGER (PDM)
PREPARATION FOR PDM
USING PDM TO CONFIGURE THE PIX FIREWALL
USING PDM TO CREATE SITE-TO-SITE VPNS
USING PDM TO CREATE REMOTE ACCESS VPNs