Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention

Duration 5 days – 35 hrs

 

Overview

 

This five-day instructor-led or virtual instructor-led training equips network security professionals with the expertise to deploy, configure, manage, and troubleshoot Cisco Secure Firewall Threat Defense as a next-generation firewall at the Internet edge. The course covers architecture, policy configuration, packet processing, intrusion prevention, and administrative troubleshooting. 

 

Objectives

 

• Describe Cisco Secure Firewall Threat Defense and its deployment options (on‑premise, cloud, hybrid)
• Configure initial network settings, NAT, and high availability
• Understand how firewall policies affect packet processing
• Implement discovery, pre‑filter, access control, security intelligence, file and intrusion policies
• Use Cisco Secure Firewall Management Center for threat analysis
• Manage and administer Secure Firewall Threat Defense (including device manager)
• Perform basic traffic‑flow troubleshooting

 

Audience

• Network security engineers and administrators
• Systems and security operations personnel
• Cisco integrators, partners, and security consultants interested in preparing for CCNP Security concentration in Cisco Firepower

 

Prerequisites

• TCP/IP fundamentals

• Basic routing protocols

• Understanding of firewall, VPN, and intrusion prevention system (IPS) concepts

• Familiarity with Cisco CCNA-level content or equivalent foundational skills

 

Course Content

 

Module 1: Introduction to Cisco Secure Firewall Threat Defense

 

• Platform overview, use cases, licensing & positioning in Cisco Secure solutions

 

Module 2: Deployment Options & Management Tools

 

• On-premise vs cloud deployment models
• Management via Cisco Secure Firewall Management Center, Device Manager, and Cisco Defense Orchestrator

 

Module 3: Initial Configuration

 

• Interfaces, zones, routing, platform setup & health policies
• Registration with management systems

 

Module 4: High Availability Setup

 

• Active/Standby configuration, failover modes, monitoring and troubleshooting

 

Module 5: Network Address Translation (Auto NAT)

 

• NAT fundamentals and automated NAT configuration

 

Module 6: Packet Processing & Policy Overview

 

• Objects, engines, and packet flows through policy chains

 

Module 7: Discovery Policy Configuration

 

• Network host discovery, profiling and event analysis

 

Module 8: Prefilter Policy

 

• Connection-layer optimizations and policy tuning techniques

 

Module 9: Access Control Policy (ACP)

 

• Rule creation, actions, deployment best practices

 

Module 10: Security Intelligence

 

• IP/URL threat feeds, DNS intelligence, policy enforcement

 

Module 11: File Policy & Malware Protection

 

• File-type detection, malware scanning, policy setup and event review

 

Module 12: Intrusion Policy (IPS Configuration)

 

• Snort-based rules, customizing intrusion policies, event management

 

Module 13: Threat Analysis with FMC

 

• Using unified event viewer, dashboards, content explorer and reporting tools

 

Module 14: Administration & Device Management

 

• User accounts, backups, config rollback, updates, system management

 

Module 15: Traffic-Flow Troubleshooting

 

• CLI tools, traffic tracing, typical troubleshooting workflows

 

Module 16: Device Manager Interface

 

• Managing policies and settings directly via the local device manager