OneSource Professional Training Solutions
OneSource Professional Training Solutions, Inc. presents

ASACAMP - ASA Lab Camp On-Site Training

This on-site training class is also available as Public Schedule Seminar.


Course Description/Agenda

Based on our enhanced FIREWALL and VPN courses, this exclusive, lab-based course is designed to provide you with the most Adaptive Security Appliance (ASA) 8.2-based lab experience possible in just five days.

A typical day will begin with an informal white board lecture by the instructor, covering topics associated with the day's labs. Afterwards, you will be free to work on the labs at your own pace and to experiment in the lab environment. Of course, the instructor will remain available to assist as needed.

Labs can be run in any order, any number of times. With the exception of three labs that require two pods to work together, no coordination with other students is necessary. You can experiment with your own scenarios or try our cutting-edge labs including tasks such as:

  • Updating the ASA to version 8.3 or 8.4
  • Reviewing new NAT or ACL syntax used in 8.3
  • Exploring new features in 8.3 or 8.4
  • Upgrading any lab to 8.3 or 8.4 and see the differences from 8.2
  • Executing general maintenance commands
  • Configuring VPN on the Security Appliance
  • Managing digital certificates for IPSec and SSL VPNs
  • Deep packet inspection
  • Using the 5505 in the SOHO environment

Your ASA Lab Camp includes:

  • Round-the-clock access to a dedicated Flexible Security Architecture (FSA) pod consisting of the most up-to-date security hardware
  • Enhanced lab topology unlike that of any other training provider
  • FIREWALL and VPN Workbook and Lab Guide, including exclusive additional labs
  • Limited, concise lectures summarizing key points demonstrated in labs
  • Ten extra security e-Lab credits, good for 30 days, so you can practice and refine your skills, including in our exclusive ASA 8.3 labs
  • World-class Certified Cisco Systems instructors

What You'll Learn

  • Bootstrap the security appliance, prepare the security appliance for configuration via the ASDM, and launch and navigate ASDM
  • Perform essential security appliance configuration using ASDM and the CLI
  • Configure dynamic and static address translations in the security appliance using ASDM
  • Configure switching and routing on the security appliance using ASDM
  • Configure access control lists, filter malicious active codes, and filter URLs to meet the requirements of the security policy using ASDM
  • Troubleshooting using the packet tracer
  • Configure object groups and AAA using ASDM
  • Configure a modular policy using ASDM
  • Configure the security appliance to support a site-to-site VPN using ASDM
  • Use ASDM to configure the security appliance to provide secure connectivity using remote access VPNs
  • Configure the security appliance to run in transparent firewall mode
  • Enable, configure, and manage multiple contexts to meet security policy requirements
  • Use advanced NAT features such as policy-based NAT
  • Use advanced modular policy framework for deep packet inspection of application protocols such as HTTP and FTP
  • Configure the security appliance to segment traffic with VLANs
  • Configure the IPSec VPN Client using digital certificates
  • Configure the advanced Easy VPN Server features of the ASA
  • Determine the necessary configuration for the ASA 5505 to be a VPN hardware client
  • Configure QoS for VPN traffic
  • Enable clientless SSL VPNs with the security appliance
  • Enable AnyConnect SSL VPN client with the security appliance
  • Enable the Cisco Secure Desktop with the security appliance to increase the security posture of SSL VPN connections
  • Enable Dynamic Access Policy with the Cisco Secure Desktop
  • Configure, inspect, and filter traffic with the Content Security and Control SSM
  • Configure the AIP-SSM to identify and alert for common attacks

Who Should Attend

  • Security professionals looking for the most hands-on experience possible in five days
  • Network security engineers who prefer to learn by doing
  • Motivated self-starters looking to get all the materials required to prepare for the FIREWALL and VPN CCNP Security certification exams

Course Outline


1. Cisco Adaptive Security Appliance (ASA)

  • Technology and Features
  • ASA Family

2. Basic Connectivity and Device Management

  • Cisco ASA and Cisco ASDM
  • Interfaces and Static Routing
  • Basic Device Management Features
  • Management Access

3. Access Control Features

  • Basic Access Control
  • Modular Policy Framework
  • Basic Stateful Inspection Features
  • Application-Layer Policies
  • Advanced Access Controls
  • Resource Limits and Guarantees
  • User-Based Policies

4. Network Integration Features

  • Network Address Translation
  • Transparent Firewall Operations

5. Virtualization and High Availability Features

  • Virtualization Features
  • Redundant Interfaces
  • Active/Standby High Availability Failover
  • Active/Active High Availability Failover

6. Security Service Modules

  • AIP-SSM and AIP-AIP-SSC Module Integration
  • CSC-SSM Module Integration


1. Evaluating the Cisco ASA VPN Subsystem

  • ASA Software Architecture
  • Common Cisco ASA Remote Access VPN Concepts

2. ASA IPSec VPN Solutions

  • Basic Site-to-Site IPSec VPNs
  • Certificate Authentication in Site-to-Site IPSec VPNs
  • Cisco IPSec VPN Client
  • Basic Easy VPN Solutions
  • Advanced Authentication
  • Cisco ASA 5505

3. AnyConnect Remote Access VPN Solutions

  • Basic AnyConnect Full Tunnel SSL VPN Solution
  • Advanced Deployment
  • Advanced Authentication in AnyConnect Full Tunnel SSL VPNs

4. Clientless SSL Remote Access VPN Solutions

  • Basic Clientless SSL VPN Solution
  • Advanced Application Access for Clientless SSL VPN
  • Advanced Authentication
  • Single Sign-On in a Clientless SSL VPN
  • Customize the Clientless SSL VPN User Interface and Portal

5. Advanced Cisco ASA VPN Solutions

  • VPN Authorization and Accounting
  • Cisco Secure Desktop in SSL VPNs
  • Dynamic Access Policies
  • High Availability and High Performance in SSL and IPSec VPNs


Remember, you can repeat labs, test scenarios of your own creation, and experiment with ASA 8.3 and 8.4 operating systems. Besides having access from within the classroom with the support of your instructor during normal class hours, you will also have 24-hour Internet access to your pod during the week of class.


Lab 1: Enhanced - Preparing the ASA for Administration

Add to favorites Add to favorites
Email Email this page

On-Site Training
Information Request Form

Please complete the form for more information and/or a quote for this on-site class.




City and State


Number of students:
(at least 10 for consideration)

When do you want to hold the

How long would you like for the

Additional comments to trainer:

We value your privacy!