CSFA – Cisco Secure Firewall Advanced Features, Operations and Management
Course Duration
3 Days
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
Before taking this course, it would be good to have a basic understanding of Cisco Secure Firewall and some hands-on experience working on the device (Cisco Secure Firewall). If you don’t have the pre-requisites described above, then a good way to prepare for this course is to attend our course ’Introduction to Cisco Secure Firewall’.
Course Description
In this 3-day, lab intense course students will learn about many of the advanced features, day-2 operations and management of Cisco Secure Firewall / Firepower Threat Defense. Through intense lab exercises students will develop the skills to configure, manage and troubleshoot problems with Cisco FTD devices. After a short review of CSF, we will cover advanced features like security intelligence, file control, advanced malware protection, redundancy, external threat intelligence, domain management, SNORT3, and advanced packet flow analysis. We will also have a look at what’s new in version 7.x. You will gain leading-edge skills for high-demand security focused responsibilities.
Learning Objectives
- Describe the advanced features of a Next-Generation Firewall
- Explain the newly release features
- Configure advanced and newly released features
- Understand advanced packet flow analysis
Course Outline
Course Topics
- Device Configuration
- Traffic Control
- NAT Overview
- Network Discovery
- Overview of Policies
- Security Intelligence (SI)
- File Control and Advanced Malware Protection
- Malware and File Policy
- Overview of Intrusion Prevention and Snort Rules
- Firepower Recommendations
- Overview of High Availability (HA)
- Discuss active / standby HA
- Overview of external feeds
- Describe incidents
- Explain Cisco Threat Intelligence Director (CTID)
- Understanding subscription of CTID to external feeds
- Introduction to multi-tenancy using domains
- Managing domains
- Creating new domains
- Moving devices between domains
- Site-to-Site VPN
- RA-VPN
- Introduction to Snort3
- Explain Elephant Flow
- Discuss Snort3 recommendations
- Explain rule actions
- Using the ’Packet-Tracer’ feature
- Using the ’Capture with Trace’ feature
- VPN Load Balancing for FMC-managed devices
- Explain FQDN NAT
- Understand network wildcard mask object
- Discuss direct Internet access
- Describe AnyConnect with SAML external browser
- Explain encrypted visibility engine
- Discuss enhancement in TLS (focus on TLS 1.3)
Frequently Asked Questions
What does the CSFA – Cisco Secure Firewall Advanced Features, Operations and Management course cover?
This course covers CSFA – Cisco Secure Firewall Advanced Features, Operations and Management training and best practices. IT Dojo delivers it as live instructor-led training with an emphasis on practical skills for government and DoD professionals.
How long is IT Dojo's CSFA – Cisco Secure Firewall Advanced Features, Operations and Management training?
IT Dojo's CSFA – Cisco Secure Firewall Advanced Features, Operations and Management training is 3 Days. It is available as live remote online instruction or on-site at your facility. All sessions are instructor-led with small class sizes to ensure individual attention.
Is this course available as live remote online training?
Yes. IT Dojo offers CSFA – Cisco Secure Firewall Advanced Features, Operations and Management as live remote online training. A certified instructor leads the session in real time — students interact via chat or microphone. Classes are kept small (typically no more than 16 students) to ensure engagement. On-site delivery at your government facility or contractor location is also available.
What prerequisites are recommended before this course?
Before taking this course, it would be good to have a basic understanding of Cisco Secure Firewall and some hands-on experience working on the device (Cisco Secure Firewall). If you don’t have the pre-requisites described above, then a good way to prepare for this course is to attend our course ’Introduction to Cisco Secure Firewall’.
Does IT Dojo offer this training on-site at government or DoD facilities?
Yes. IT Dojo delivers CSFA – Cisco Secure Firewall Advanced Features, Operations and Management on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams of four or more and can be customized to your organization's specific environment and mission requirements. Contact IT Dojo to schedule.
How do I register for this course?
IT Dojo training is employer-sponsored — your organization registers and pays for seats. To schedule CSFA – Cisco Secure Firewall Advanced Features, Operations and Management for your team, contact IT Dojo via the Request Training form or call 757-216-3656. IT Dojo will work with your contracting officer, training coordinator, or program office to set up the course.