This book is written for network engineers working in the security field and for candidates preparing for the CCNP Security exam. It covers Cisco ASA Firewall, ASA with FirePOWER, Firepower Threat Defense (FTD), Web Security Appliance, VPN technologies, Cisco ISE, Cisco Umbrella and Layer 2 security, with practice labs in one book and simple explanations across 85 scenarios.
Lab 1: FTD Basic Configuration
Lab 2: FTD NAT Policy
Lab 3: FTD SSL Decryption for Outbound Connection
Lab 4: Security Intelligence
Lab 5: QoS on Firepower Threat Defense
Lab 6: Advanced Malware Protection AMP
Lab 7: Network Discovery Policy
Lab 8: Intrusion Prevention System IPS Policy Scenario 1
Lab 9: Intrusion Prevention System IPS Policy Scenario 2
Lab 10: Configuration of PBR using FlexConfig on FTD
Lab 11: Firepower Threat Defense Failover Active/Standby
Lab 12: Pre-Filter Policy on Firepower Threat Defense
Lab 13: VPN Site to Site with IKEv2 on Firepower
Web Security Appliance
Lab 1: Cisco WSA installation License Wizard
Lab 2: Transparent mode with WCCP and Access Policies
Lab 3: Custom URL Category Configuration
Lab 4: Configure Application Visibility Control for the Access Policy
Lab 5: Proxy Authentication using AD Realm
Lab 6: Identification Profile and Access Policies
Lab 7: HTTPS Decryption
Lab 8: Referrer Header Exception
Lab 9: Application Visibility and Control
Cisco Umbrella
Lab 1: Cisco Umbrella Basic Configuration
Lab 2: Intelligent Proxy and SSL Decryption
Lab 3: IP Layer Enforcement in Cisco Umbrella
Lab 4: Umbrella Active Directory Integration With Roaming Client
VPN Technologies
Lab 1: Static VTI Point-To-Point tunnel
Lab 2: Dynamic VTI Hub and Spoke tunnel
Lab 3: VPN Site-to-Site with dynamic IP
Lab 4: DMVPN Phase 2 using EIGRP
Lab 5: DMVPN Phase 2 using OSPF
Lab 6: DMVPN Phase 3 using EIGRP
Lab 7: DMVPN Phase 3 using OSPF
Lab 8: VPN Site-to-Site between ASA using PKI
Lab 9: Site-to-Site FlexVPN IOS router
Lab 10: GRE VPN over IPsec
Lab 11: Site-to-Site IKEv2 IPsec VPN
Lab 12: Basic VPN AnyConnect Remote Access
Lab 13: VPN AnyConnect authentication using ACS
Lab 14: VPN AnyConnect authentication using ISE
Lab 15: Basic VPN Clientless Remote Access
Lab 16: VPN Clientless authentication using ISE
Cisco Identity Services Engine 2.6
Lab 1: Cipher Negotiation TLS Issues
Lab 2: 802.1X With Dynamic VLAN and DACL
Lab 3: Advanced 802.1X Configuration
Lab 4: Guest With Self-Registered Portal
Lab 5: Guest With Hotspot Portal
Lab 6: Profiling Using DHCP Probe
Lab 7: Device Admin using TACACS
Lab 8: Advanced TACACS 1
Lab 9: ISE With F5 LTM
Lab 10: VPN AnyConnect with ISE and Tunnel-Group-Lock
Lab 11: Authorization Policy Based On Profiling Data
Lab 12: Cisco ISE with F5 BIG-IP for Dot1x Load Balancing
Lab 13: Cisco ISE with F5 BIG-IP for Guest Load Balancing
Cisco Identity Services Engine 1.4
Lab 1: ISE Installation
Lab 2: Basic 802.1X Authentication
Lab 3: 802.1X Restricted VLAN
Lab 4: 802.1X Guest VLAN
Lab 5: 802.1X MAC Authentication Bypass
Lab 6: 802.1X VLAN assignments
Lab 7: Web Authentication
Lab 8: Profiling in the Authorization Policy
Is it possible to use TCP port 443 for the ISE guest portals (hotspot, self-register, etc.)? Typically the port range for guest portals is TCP/8000-8999 (default port is TCP/8443). If not, is there a way to make it work, without say using a load-balancer ...
Hi, recently we added zScaler IPs to our existing Local LAN Access ACL. The idea was that since this ACL is a split tunnel exclude, it will exclude the zScaler IPs as well. This way RAVPN users will have their HTTP/s traffic protected by the cloud proxy and...
Hello All, We have ISE 2.2 setup where a default device profile of Cisco is used so that all the WLCs used at remote locations get access directly. We also use Aruba iAPs that are configured in the Network Devices list. My question is what ...
In regards to Cisco's Threat Detection, how would you scan for insider threats if the device doesn't have the Secure Endpoint software installed? Situation: The LAN is set up with Cisco Firepower FMC monitoring with AMP for Endpoints or (Secure ...