Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls

Overview/Description
Current trends in security threat vectors require a carefully planned threat control strategy. Trends that affect security include persistent application-layer threats that use social engineering to exploit the trust architecture of the enterprise, the pervasiveness of mobility and consumerization, and the insidious motivations behind the behavior of the attacker. All these trends result in the need for dynamic security intelligence gathering and distribution, early warning systems, and application layer inspection for mobile services where data and applications are hosted in the cloud. This course suggests design principles to plan a threat control and containment strategy using firewalls and intrusion prevention systems (IPSs) in Cisco IOS environments. Cisco provides basic traffic filtering capabilities with access control lists (ACLs). You can configure ACLs for all routed network protocols to filter packets as the packets pass through a router or security appliance. There are many reasons to configure ACLs. For example, you can use ACLs to restrict the contents of routing updates or to provide traffic flow control. One of the most important reasons to configure ACLs is to provide security for your network. This course outlines the types of ACLs that are available and offers guidelines on creating ACLs to provide network security in IP version 4 (IPv4) and IP version 6 (IPv6) environments. A firewall protects network devices from intentional hostile intrusion that could threaten information assurance (that is, availability, confidentiality, and integrity) or lead to a denial of service (DoS) attack. A firewall can protect a hardware device or a software program running on a secure host computer. This course ends with an introduction to the firewall technologies that Cisco uses in routers and security appliances.

Target Audience
Network designers, administrators, engineers, and managers; systems engineers; individuals seeking the Implementing Cisco IOS Network Security (IINS) v2.0 640-554 certification, which is associated with the CCNA Security certification exam. Knowledge and skills equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) are required, and a working knowledge of the Windows operating system and Cisco IOS networking and concepts is recommended.

Expected Duration (hours)
2.0

Lesson Objectives

Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls

identify design guidelines for threat control and containment architecture

identify Cisco IPS threat control solutions

describe the security benefits of ACLs

match command parameters for a numbered extended ACL with their descriptions

identify the IP address and wildcard mask required to filter IP subnets in an example

identify ACL configuration considerations

match types of rules in Cisco Configuration Professional to their descriptions

recognize steps in the procedure to configure an access rule for generating log entries

recognize the steps required to create an ACL that can permit or deny traffic to the configured object groups

use ACLs for edge filtering

configure object groups

implement IPv4 antispoofing ACLs with CCP

describe benefits of different types of firewalls

match NAT modes to criteria for selecting them

match types of firewall access rules to examples

describe guidelines for creating firewall rules