ASA Essentials

ASA (Adaptive Security Appliance) Essentials v3.0 is an instructor-led course designed to provide the essential skills required to configure, maintain and operate Cisco ASA 5500-X Series firewalls based on ASA Software v9.x. If you need to get up to speed quickly with Cisco's ASAs, this is the course for you.

We have combined the most important content from Cisco's Authorized CCNP Security courses and added additional information on the new features in v9.x software to hone in on the most crucial aspects of the Cisco ASA. In just one week, students will cover: Firewall Basics, Network Address Translation (NAT), Access Control Lists (ACLs), Object Groups, Stateful Inspection, Modular Policy Framework, public key infrastructure (PKI) Integration, Site-to-site and Remote Access virtual private network (VPN) - both IP security (IPsec) and Secure Sockets Layer (SSL), Active/Standby Failover and Server-based Authentication, Authorization and Accounting (AAA) using Access Control Server (ACS) 5.2.

Upcoming Dates

Class Date Class Hours Location GTR Price  

What's Included

  • Comprehensive study materials, including official Cisco courseware
  • Remote lab access


  • A valid CCNA certification or higher Cisco certification is recommended.
  • Students should have knowledge of Implementing Cisco IOS Network Security (IINS).

Course Objectives

After completing this course, you will be able to:

  • Describe the technology and features of the Cisco ASA.
  • Describe the Cisco ASA product family.
  • Describe how ASAs protect network devices from attacks.
  • Bootstrap the security appliance.
  • Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM).
  • Launch and navigate ASDM.
  • Implement essential security appliance configuration using ASDM and the command-line interface (CLI).
  • Configure dynamic and static address translations.
  • Configure access policy based on ACLs.
  • Use object groups to simplify ACL complexity and maintenance.
  • Use the Modular Policy Framework to provide unique policies to specific data flows.
  • Handle advanced protocols with application inspection.
  • Troubleshoot with syslog and tcp ping.
  • Configure the ASA to work with Cisco Secure ACS 5.2 for Remote Authentication Dial-In User Service (RADIUS)-based AAA of VPNs.
  • Implement site-to-site IPsec VPN.
  • Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client.
  • Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client.
  • Deploy clientless SSL VPN access, including smart tunnels, plug-ins and web-type ACLs.
  • Configure access control policies to implement your security policy across all classes of VPN.
  • Configure Active/Standby failover for both firewall and VPN high availability.

Course Outline

Module 1: Cisco ASA Essentials

  • Lesson 1: Evaluating Cisco ASA Technologies
  • Lesson 2: Identifying Cisco ASA Families

Module 2: Basic Connectivity and Device Management

  • Lesson 1: Preparing the Cisco ASA for Network Integration
  • Lesson 2: Managing Basic Cisco ASA Network Settings
  • Lesson 3: Configuring Cisco ASA Device Management Features

Module 3: Network Integration

  • Lesson 1: Configuring Cisco ASA NAT Features
  • Lesson 2: Configuring Cisco ASA Basic Access Control Features

Module 4: Cisco ASA Policy Control

  • Lesson 1: Cisco ASA Modular Policy Framework
  • Lesson 2: Configuring Cisco ASA Connection Policy

Module 5: Cisco ASA VPN Architecture and Common Components

  • Lesson 1: Implementing Profiles, Group Policies, and User Policies
  • Lesson 2: Implementing PKI Services

Module 6: Cisco ASA Clientless Remote Access SSL VPN Solutions

  • Lesson 1: Deploying Basic Clientless VPN Solutions
  • Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs

Module 7: Cisco AnyConnect Remote Access SSL Solutions

  • Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution

Module 8: Cisco ASA Remote Access IPsec VPNs

  • Lesson 1: Deploying Cisco Remote Access VPN Clients
  • Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions

Module 9: Cisco ASA Site-to-Site IPsec VPN Solutions

  • Lesson 1: Deploying Basic Site-to-Site IPsec VPNs
  • Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs

Module 10: Cisco ASA High Availability and Virtualization

  • Lesson 1: Configuring Cisco ASA Active/Standby High Availability


  • Lab 1: Prepare the ASA for Administration
  • Lab 2: Fundamental ASA Configuration
  • Lab 3: Network Address Translation (NAT)
  • Lab 4: Basic Access Control
  • Lab 5: Basic Protocol Inspection
  • Lab 6: Licensing, ACS, and Public CA
  • Lab 7: Basic Clientless SSL VPN
  • Lab 8: Clientless SSL VPN - Thin Apps
  • Lab 9: Basic AnyConnect Full Tunnel SSL VPN
  • Lab 10: Remote Access IPSec VPN
  • Lab 11: IPSec Site-to-Site VPN
  • Lab 12: Active/Standby Failover