OneSource Professional Training Solutions, Inc. presents

SSECMGT - Managing Enterprise Security with CSM v4.0 On-Site Training

This on-site training class is also available as Public Schedule Seminar.

SSECMGT - Managing Enterprise Security with CSM v4.0

Course Description/Agenda

Cisco Security Manager (CSM) is an enterprise-class management application designed to configure:

Firewalls: ASA and router based
VPNs: DMVPN, GET, IPsec, and SSL
IPS security services: IOS IPS and appliance-based IPS

CSM can be used in networks of all sizes-from small networks to large networks consisting of thousands of devices-by using policy-based management techniques. Training on this core management system is a vital part of any Security Operations Center and any type of organization where device policies must be consistent.

Our enhanced and exclusive CSM labs go beyond the standard Cisco course material to address the top issues and features that you will face in a real-world production environment. You won't find these feature-rich add-ons in the standard Cisco course offerings:

The latest software version on the CSM
Live network devices running the latest code set, not "virtual devices"
Using a Cisco IPS and Cisco MARS to explore signatures and cross-launch capabilities
Role-based authorization using the Cisco ACS
AnyConnect 3.0 included in our SSL VPN lab

A Global Knowledge Exclusive: Bonus Lab Credits

You'll receive five extra security e-Lab credits (good for 30 days) to review a topic after class, refine your skills, or get in extra practice-whatever lab activities complete your training.

What You'll Learn

CSM overview and real-world deployment scenarios
Managing devices in CSM
Policy inheritance and policy sharing features in CSM
Creating and managing policies
Using and managing objects in CSM
Using Map view to link maps and create a drill-down action map
Using Map view and the Cisco AnyConnect client to create site-to-site VPNs and remote access VPNs, including SSL VPNs
Firewall services and objects that are used to manage firewall-related policies
Configuring platform policies on firewall devices
Configuring platform-specific services and policies on Cisco IPS sensors and Cisco IOS IPS devices, Cisco IOS routers, Catalyst 6500 Series switches, and Cisco 7600 Series routers
Tight integration and cross-launch functionality of the Cisco MARS to CSM using an IPS event
Best use of FlexConfig features
Managing deployments and configuration changes using Workflow and Non-Workflow mode
Viewing e-mails that management will review and take action on
Monitoring, troubleshooting, and diagnostic tools available in CSM
CSM 4.0 license changes
BOTNET and Global Correlation configuration support for Cisco ASA and IPS devices
Configuring SSL VPNs in CSM using AnyConnect 3.0 and CSD 3.5

Who Should Attend

Anyone interested in managing policy consistency
Customers managing multiple Cisco security devices
Network security engineers working in the enterprise sector

Course Prerequisites

CCNP Security certification
CCNP-level understanding of networking and routing
Understanding of different VPN technologies (such as DMVPN, GET VPN, and SSL VPN)
At least six months of practical experience configuring Cisco Security products
Familiarity with implementing network security policies and with the following networking components and concepts:
- Security technologies: NAT, PAT, ASA, VPN, IPS, ACS, MARS (optional), IOS integrated router and switch security, and security management software
- Security protocols: AAA, IPsec, IKE, and various tunneling protocols
- Application protocols: HTTP, HTTPS, ICMP, SSH, SSL, NTP, FTP, TFTP, DNS, etc.

Course Outline

1. CSM Overview

Using CSM
- Installation Procedure
- Working with the User Interface
- New Features of 4.0
Managing Devices
- Preparing the Devices for CSM
- Device View
- Adding Devices to CSM Inventory
- Working with Devices with Dynamically Assigned IP Addresses
- Device Properties, Credentials, and Grouping
- On-Demand, Out-of-Band Change Detection
Managing Policies
- Policies Overview
- Managing Policies in Device View
- Managing Shared Policies in Policy View
- Interface Roles
- Advanced Policy Features
- Policy Locking
- Discovering Policies
Managing Objects
- Objects Overview
- Policy Object Manager Window
- Overriding Global Objects for Individual Devices
- Selecting Objects for Policies
Using Map View
- Maps Overview
- Displaying Your Network on the Map
- Managing Firewall Services
- Managing VPNs
- Managing Device Policies

2. Firewall Policy Management

Managing Firewall Services
- Managing Rules Tables
- Access Rules and Their Functions
- Access Control Settings
- Inspection Rules
- AAA Rules
- Web Filter Rules
- Transparent and Zone-Based Firewall Rules
- Interface and Global Rules
- Botnet Traffic Filtering
Managing Firewall Devices
- Platform Policies
- NAT Policies
- Bridging Policies
- Device Administration Policies
- Logging Policies
- Multicast Policies
- Routing Policies
- Security Policies
- Service Policy Rules
- Security Contexts
Event Monitoring and Rule Correlation for Firewalls
- Supported Devices and Events in Event Viewer
- EventServer Overview
- Cisco ASA Device Bootstrapping
- Event-to-Policy Correlation
- Event Collection and Event Viewer Settings

3. VPN Policy Configuration

Managing VPNs
- Overview of Site-to-Site VPNs
- Working with VPN Topologies
- Working with Site-to-Site VPN Policies
- Configuring Advanced VPN Platforms
Managing Remote Access IPsec VPNs
- Overview of Remote-Access VPNs
- Working with Policies in Remote-Access VPNs
- Configuring VPN Options
Configuring Client-Based SSL VPNs
- SSL VPN Management Features and Platform Support
- Overview of Remote-Access SSL VPNs
- Bootstrapping Cisco ASA for Full Tunnel SSL VPN
- Configuring Full Tunnel SSL VPN