This course gives you knowledge and skills to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and Secure Sockets Layer (SSL) decryption before moving on to detailed analysis, system administration, and troubleshooting.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

After taking this course, you should be able to:
Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
Describe how to implement NAT by using Cisco Firepower Threat Defense
Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
Describe the behavior, usage, and implementation procedure for access control policies
Describe the concepts and procedures for implementing security intelligence features

  • Cisco Firepower Threat Defense Overview

  • Examining Firewall and IPS Technology
    Firepower Threat Defense Features and Components
    Examining Firepower Platforms
    Examining Firepower Threat Defense Licensing
    Cisco Firepower Implementation Use Cases

  • Cisco Firepower NGFW Device Configuration

  • Firepower Threat Defense Device Registration
    FXOS and Firepower Device Manager
    Initial Device Setup
    Managing NGFW Devices
    Examining Firepower Management Center Policies
    Examining Objects
    Examining System Configuration and Health Monitoring
    Device Management
    Examining Firepower High Availability
    Configuring High Availability
    Cisco ASA to Firepower Migration
    Migrating from Cisco ASA to Firepower Threat Defense

  • Cisco Firepower NGFW Traffic Control

  • Firepower Threat Defense Packet Processing
    Implementing QoS
    Bypassing Traffic

  • Cisco Firepower NGFW Address Translation

  • NAT Basics
    Implementing NAT
    NAT Rule Examples
    Implementing NAT

  • Cisco Firepower Discovery

  • Examining Network Discovery
    Configuring Network Discovery
    Implementing Access Control Policies
    Examining Access Control Policies
    Examining Access Control Policy Rules and Default Action
    Implementing Further Inspection
    Examining Connection Events
    Access Control Policy Advanced Settings
    Access Control Policy Considerations
    Implementing an Access Control Policy

  • Security Intelligence

  • Examining Security Intelligence
    Examining Security Intelligence Objects
    Security Intelligence Deployment and Logging
    Implementing Security Intelligence

  • File Control and Advanced Malware Protection

  • Examining Malware and File Policy
    Examining Advanced Malware Protection

  • Next-Generation Intrusion Prevention Systems

  • Examining Intrusion Prevention and Snort Rules
    Examining Variables and Variable Sets
    Examining Intrusion Policies

  • Site-to-Site VPN

  • Examining IPsec
    Site-to-Site VPN Configuration
    Site-to-Site VPN Troubleshooting
    Implementing Site-to-Site VPN

  • Remote-Access VPN

  • Examining Remote-Access VPN
    Examining Public-Key Cryptography and Certificates
    Examining Certificate Enrollment
    Remote-Access VPN Configuration
    Implementing Remote-Access VPN

  • SSL Decryption

  • Examining SSL Decryption
    Configuring SSL Policies
    SSL Decryption Best Practices and Monitoring

  • Detailed Analysis Techniques

  • Examining Event Analysis
    Examining Event Types
    Examining Contextual Data
    Examining Analysis Tools
    Threat Analysis

  • System Administration

  • Managing Updates
    Examining User Account Management Features
    Configuring User Accounts
    System Administration

  • Cisco Firepower Troubleshooting

  • Examining Common Misconfigurations
    Examining Troubleshooting Commands
    Firepower Troubleshooting


This course is ideal for Security administrators, Security consultants, Network administrators, System engineers, Technical support personnel, and Cisco integrators and partners.




To fully benefit from this course, you should have the following knowledge: Knowledge of TCP/IP and basic routing protocols, and familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts


Length: 5.0 days (40 hours)


Not Your Location? Change

Course Schedule:

Schedule select
10:00 AM ET -
6:00 PM ET
Filling Fast
Schedule select
10:00 AM ET -
6:00 PM ET
Filling Fast