CISCO PIX
Firewall Administration
Course Overview
This is a lab-intensive, detailed course that
covers all the details on PIX
Firewall v6.x. With about
35-40 hands-on labs,
the course covers overall
concepts on internet and intranet security, provides an overview of firewall technologies,
explains PIX product structure and security implementation. Students will learn to:
- Identify network security threats
- Outline a network security policy
- Understand different components of PIX Firewall
- Identify PIX Firewall features, models,
components
- Do PIX Firewall installation and software
upgrades
- Configure multiple interfaces on the PIX
Firewall
- Understand Network Address Translation
- Configure inbound and outbound access
through the PIX Firewall
- Configure the PIX Firewall as a DHCP
server
- Configure the PIX Firewall as a DHCP
client
- Authentication and AAA
- Set up URL Filtering using WebSense
- Understand Encryption and VPN using PIX
- Build IPSEC VPNs between 2 PIX Firewalls using IKE and
preshare
- Build IPSEC VPN using the Cisco Secure Client and PIX
Firewall
- Configure using PIX Device Manager and use
it to configure the PIX Firewall
- Understand
- Implement Failover/Redundancy
- Password Recovery
- Logging to Syslog Server
- Configure the IDS feature set
- Maintenance and Troubleshooting
Course
Fee
The course fee
includes detailed course material. Free continental breakfast is provided
every day.
| Course |
Duration |
Cost |
Register |
| PIX Firewall |
3 days |
$1,995.00 |
Who Should Attend
Network Administrators and Security Professionals
interested in learning the CISCO PIX FireWall product and features with a hands-on
approach.
Prerequisites
Knowledge of TCP/IP and familiarity with configuring CISCO routers.
Course Outline
Overview
Introduces the PIX Firewall course and provides an introduction to various security
threats and different hack methods, The three primary methods of attack.
Learn about the Cisco AVVID and SAFE overview.
PIX Firewall Architecture
Examines the needs for using a firewall to protect your internal network from
external and internal intrusions and goes into the details of Adaptive Security Algorithm
and how PIX Firewall implements it.
PIX Firewall Product Overview
Provides details on the most current models of the PIX Firewall- PIX 506,
515, 520, 525, and 535 models. Goes into hardware and software configurations for the above models.
Configuring PIX Firewall
Examines how the PIX Firewall can be installed with the most current version of
the software. It goes into the details of key PIX command set, to make the PIX Firewall
operational. Understand how the packet flows between different security levels and do
hands-on lab to configure the PIX Firewall.
Lab Exercises : Covers all of the concepts
in this chapter
Configuring Multiple
Interfaces
Examine how to configure additional interfaces on the PIX Firewall such as
DMZConfiguring additional interfaces
Lab exercise: Configuring multiple
interfaces
Address Translation
Examines network address translation in PIX Firewall. Topics include the examination of
what is address translation, and why you should use address translation, how PIX Firewall
implements it. Learn how to set up nat and globals and conduits and access lists to deny
specific traffic.
Lab Exercises: Covers all of the concepts in this chapter
DHCP Support
Learn to configure the PIX Firewall as DHCP Server and DHCP Client
Lab exercises: Configure the PIX Firewall's
DHCP server and client features
Access Control Configuration
Learn how to set up access control on the PIX firewall.
Lab exercises: Configure the access-list using
NAT and no NAT
Authentication
Examines Cut-Through Proxy and how PIX Firewall implements authentication. Set up AAA to a
Cisco Secure Server and implement authentication for outbound and inbound traffic for
specific services.
Lab exercises: Configure
Authentication, Authorization and Accounting, troubleshooting AAA etc.
Content Filtering
Examines the methodology of setting up the firewall for URL screening, blocking JAVA
code, removing JAVA Script and stripping ActiveX tags. Learn about the fix-up protocol and
how PIX Firewall implements SMTP Mail Guard, DNS Guard etc.
Lab Exercises: Configure URL filtering using WebSense
Advanced Protocol
Handling
Configure PIX Firewall for Multimedia support
Lab exercises: Configure and test advanced
protocol handling
Attack Guards and
Intrusion Detection
Configure PIX Firewall to use attack guards and IDS signatures
Lab exercises: Configure the PIX Firewall
to use IDS signatures
Encryption & VPNs
Discusses and examines the importance and implementation of encryption, including
encryption keys, IPSEC and how PIX Firewall implements IPSEC in the new version v5.1.
Learn how to set up VPNs between two locations using IPSEC. Build VPNs between 2 PIX
Firewalls using IKE and preshare secret. You will also learn to build VPNs between Cisco
Secure Client and PIX Firewall. Learn how to set up VPNs between a Cisco Router and PIX
Firewall.
Lab exercises: Configure VPN between using 2
PIX Firewalls using IKE and IPSEC
Configure VPN using the Cisco Secure Client and PIX Firewall
Logging & PIX Firewall
Maintenence
Learn the different logging features and reporting features available on the PIX
Firewall. Learn how to do password recovery on the PIX Firewall. Learn to do
image upgrade.
Lab exercises: Covers the above concepts.
PIX Device Manager (PDM)
Provides PDM overview, PDM operating requirements. Learn to prepare
PIX Firewall for PDM, use PDM
Lab exercises: Install and configure PDM
CSPM (Cisco Secure Policy Manger)
Provides CSPM overview, CSPM operating requirements. Learn to setup
CSPM and configure PIX firewall using CSPM
Lab exercises: Covers
the above concepts using CSPM
PIX Firewall Failover
Examines PIX Firewall hot standby feature and how to configure it.
Lab exercises: Covers
the above concepts.
Putting it all together -
Case Study
This final section of the course will include a comprehensive lab where the student
is able to demonstrate all of the skills and knowledge learned with the PIX Firewall. |
