Duration 5 days – 35 hrs
Overview
This five-day instructor-led or virtual instructor-led training equips network security professionals with the expertise to deploy, configure, manage, and troubleshoot Cisco Secure Firewall Threat Defense as a next-generation firewall at the Internet edge. The course covers architecture, policy configuration, packet processing, intrusion prevention, and administrative troubleshooting.
Objectives
- Describe Cisco Secure Firewall Threat Defense and its deployment options (on‑premises, cloud, hybrid)
- Configure initial network settings, NAT, and high availability
- Understand how firewall policies affect packet processing
- Implement discovery, pre‑filter, access control, security intelligence, file and intrusion policies
- Use Cisco Secure Firewall Management Center for threat analysis
- Manage and administer Secure Firewall Threat Defense (including device manager)
- Perform basic traffic‑flow troubleshooting
Audience
- Network security engineers and administrators
- Systems and security operations personnel
- Cisco integrators, partners, and security consultants interested in preparing for the CCNP Security concentration in Cisco Firepower
Prerequisites
- TCP/IP fundamentals
- Basic routing protocols
- Understanding of firewall, VPN, and intrusion prevention system (IPS) concepts
- Familiarity with Cisco CCNA-level content or equivalent foundational skills
Course Content
Module 1: Introduction to Cisco Secure Firewall Threat Defense
- Platform overview, use cases, licensing & positioning in Cisco Secure solutions
Module 2: Deployment Options & Management Tools
- On-premises vs cloud deployment models
- Management via Cisco Secure Firewall Management Center, Device Manager, and Cisco Defense Orchestrator
Module 3: Initial Configuration
- Interfaces, zones, routing, platform setup & health policies
- Registration with management systems
Module 4: High Availability Setup
- Active/Standby configuration, failover modes, monitoring and troubleshooting
Module 5: Network Address Translation (Auto NAT)
- NAT fundamentals and automated NAT configuration
Module 6: Packet Processing & Policy Overview
- Objects, engines, and packet flows through policy chains
Module 7: Discovery Policy Configuration
- Network host discovery, profiling and event analysis
Module 8: Prefilter Policy
- Connection-layer optimizations and policy tuning techniques
Module 9: Access Control Policy (ACP)
- Rule creation, actions, deployment best practices
Module 10: Security Intelligence
- IP/URL threat feeds, DNS intelligence, policy enforcement
Module 11: File Policy & Malware Protection
- File-type detection, malware scanning, policy setup and event review
Module 12: Intrusion Policy (IPS Configuration)
- Snort-based rules, customizing intrusion policies, event management
Module 13: Threat Analysis with FMC
- Using unified event viewer, dashboards, content explorer and reporting tools
Module 14: Administration & Device Management
- User accounts, backups, config rollback, updates, system management
Module 15: Traffic-Flow Troubleshooting
- CLI tools, traffic tracing, typical troubleshooting workflows
Module 16: Device Manager Interface
- Managing policies and settings directly via the local device manager

