Securing Networks with Cisco Firepower Threat Defense NGFW (FIREPOWER200)

Securing Networks with Cisco Firepower Threat Defense NGFW (FIREPOWER200)


This course demonstrates the powerful features of Cisco Firepower Threat Defense, including VPN configuration, traffic control, NAT configuration, SSL decryption, advanced NGFW and NGIPS tuning and configuration, analysis, and troubleshooting. It will show students how to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco ASA to Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). The course will then explore how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. Students will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting. This course combines lecture materials and hands-on labs throughout to make sure that students are able to successfully deploy and manage the Cisco Firepower system.


After taking this course, you should be able to:
  • Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
  • Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
  • Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
  • Describe how to implement NAT by using Cisco Firepower Threat Defense
  • Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
  • Describe the behavior, usage, and implementation procedure for access control policies
  • Describe the concepts and procedures for implementing security intelligence features
  • Describe Cisco Advanced Malware Protection (AMP) for Networks and the procedures for implementing file control and advanced malware protection
  • Implement and manage intrusion policies -Describe the components and configuration of site-to-site VPN
  • Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect┬«
  • Describe SSL decryption capabilities and usage
Module 1: Cisco Firepower Threat Defense Overview Module 2: Cisco Firepower NGFW Device Configuration Module 3: Cisco Firepower NGFW Traffic Control Module 4: Cisco Firepower NGFW Address Translation Module 5: Cisco Firepower Discovery Module 6: Implementing Access Control Policies Module 7: Security Intelligence Module 8: File Control and Advanced Malware Protection Module 9: Next-Generation Intrusion Prevention Systems Module 10: Site-to-Site VPN Module 11: Remote-Access VPN Module 12: SSL Decryption Module 13: Detailed Analysis Techniques Module 14: System Administration Module 15: Cisco Firepower Troubleshooting
To fully benefit from this course, you should have the following knowledge:

  • Knowledge of TCP/IP and basic routing protocols, and familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts
Course ID:

Show Schedule for: