Description

Advanced Cisco Adaptive Security Appliance access policies allow security administrators to apply different policies to different types of traffic. For example, traffic coming from the Internet could be analyzed for any sign of malicious software. On the other hand, voice over IP traffic could be prioritized on all Cisco ASA interfaces to prevent delays and packet losses. The Cisco modular policy framework is a configuration tools which enables security administrators to assign different network policies to different traffic flows in flexible and granular manner. The MPF enhances ASA interface access control lists by allowing the administrator to specify a multitude of advanced access controls on network flows independently of interface ACLs. This course first provides an overview of advanced access controls and policies. Then the course describes the Cisco MPF, which is used to implement advanced policies. Then the course discusses how to tune OSI layer 3-4 stateful inspection and inspection of dynamic protocols. The course concludes with application inspection of HTTP and FTP protocols.