Mt. San Antonio College
advertisement
Mt. San Antonio College CISS 25 – Hands-on Network Security Firewall Ref# 22640 Fall 09 Professor: Jim Gau (MBA, CNI, MCT, CNE, MCSE, CCNA) Phone: (909) 594-5611 X4841 E-mail: jgau@mtsac.edu Office hours and course information: mtsac.blackboard.com www.mtsac.edu\~jgau http://www.mtsac.edu/~jgau/Download/Office%20Hours/OfficeHour.pdf Optional Reference Book: CCSP Self-Study ISBN# 1-58705-149-4 Author: Behzad Behtash Publisher: Ciscopress ASA will be configured using the Cisco ASA configuration Guides. Handout by Jim Gau posted at Blackboard Basis for determining Course Grades: Exams (2) .....................................................30 % Final Exam...................................................20 % Quiz/HW/Lab/DB Assignments.................50 % .........................................................................0 % Total ...........................................................100 % A: B: C: D: F: 90 80 70 60 0 - 110 - 89 - 79 - 69 - 59 Student Learning Outcomes (Students will be able to): • Demonstrate the skill to configure and install firewall. • Implement secured translation for service hosting through firewall. This course covered the following Firewall topics: Introduction-Network Security; Firewalls and the Cisco PIX Firewall and ASA appliances; Getting Started with the Cisco PIX/ASA; Translations and Connections; Access Control Lists and Content Filtering; Object Grouping; Advanced Protocol Handling; Attack Guards, Intrusion Detection, and Shunning; Authentication, Authorization, and Accounting; Failover; Virtual Private Networks; System Management; Cisco PIX Device Manager and ASA ASDM configuration tool. Describe the features, functions, and benefits of the Cisco PIX/ASA. Identify PIX/ASA features, models, components, and benefits. Describe PIX/ASA installation procedures. Perform basic configuration. Explain the routing functionality of the PIX/ASA. Configure routing on the PIX/ASA. Configure the PIX/ASA as a DHCP client. Configure special protocol handling on the PIX Firewall. Configure AAA on the PIX Firewall. Configure shunning on the PIX Firewall. Discuss ISAKMP, Crypto, IPSec, and configure a site-to-site VPN. Configure SSL web based VPN. Covers the PPPoE. Perform password recovery on the PIX/ASA devices. Install the Device Manager and use it to configure the PIX/ASA devices. Use the Device Manager to monitor the PIX/ASA devices. Test and verify PIX/ASA operations. CISS 25 Course Outline Date Topic (Refer to Blackboard Announcement for updated assignments) wk 1 Course Overview; get acquainted; Cisco role in Network Security; Firewall and ASA wk 2 Topic 4: wk 3 Topic 5: Implementing Cisco ASA/PIX in the network (Quiz/Lab) Geting Started with Cisco ASA/PIX (Topic 1-5 Quiz and Lab) Lab: Syslog and log analysis. wk 4 Topic 7: Translation and Connecitons (Quiz: Topic 4, 5 and 7) Case project: configure Firewall/Security Appliances for small and and mid-size company. wk 5 Topic 8: Access Control Lists and Content Filtering (Lab) End to end access previledge. wk 6 Topic 9: Object Grouping (Topic 8 Quiz and Lab) Topic10: Routing (Lab) Case project: configure Firewall/Security Appliances for enterprise network. wk 7 Exam1 (Topic 4, 5, 7, 8, 9, 10) wk 8 Topic 11: Advanced Protocol Handling (Lab) Topic 12: attack Guards, Intrusion Detection and Shunning (Lab) wk 9 Topic 13: Authentication, Authorization, and Accounting (Lab) Topic 14: Failover (Topic 11 and 12 Quiz; Lab) wk10 Topic 15: Virtual Private Networks (Topic 13, 14 Quiz and Lab) wk11 Topic 16: IPsec, Crypto, ISAKMP, and Site-to-Site VPNs (Lab) wk12 Topic 17: Client Remote Access VPNs (Topic 15, 16, 17 Quiz & Lab) Topic 6: Cisco ASA SDM wk13 Exam2 (Topic 6, 11, 12, 13, 14, 15, 16, 17) wk14 Topic 18: System Maintenance (Lab) wk15 Topic 19: ASA/PIX Firewall in SOHO Networks (Lab) wk16 Final Exam (Topic 4 through 19). Grading Philosophy, Expectations, and Guidelines for Assignments: Course grade is a way to measure the learning result based on the exams, homework assignments, hands-on projects, and case projects. It is not a statement about your value as a person. Grade "A" means excellent and thorough works significantly exceed standard. Grade "B" means above average works that exceed standard. Grade "C" means average works that meet standard. Grade "D" means minimal works that pass, however, fall below expectation. Grade "F" means works that fail and fall well below minimum standard. Course Policies: Cheating and Plagiarism: Cheating is to violate rules dishonestly, to practice fraud or trickery, or to get something by dishonesty or deception. Plagiarism is to present as new and original an idea or product derived from an existing source. Two copies of same report and exchange information during exam or quiz are some examples of cheating and plagiarism. Both cheating and plagiarism will not be tolerated and will result in a score of zero for the report, exam, or quiz. Assignments, Quizzes, and Hands on Exercises: All assignments must be given to your professor, and must contain your name, your professor's name, assignment title, and the assigned class ID clearly printed at the top of each assignment. There will be a 5 point deduction for any work turned in without class ID. Assignments are due at the beginning of class. There will be 40 points penalty for any late homework/lab assignment. Homework/lab assignments more than one week pass due will not be accepted. All written assignments must be printed by near letter quality printer or typed. Homework assignments must be turned with separate printed answers attached if applicable. Weekly quizzes and hands on exercises may be given unannounced. Always prepare before attending each class. There will be no make up of missed hands-on exercises or quizzes. Exams: There will be no make up of missed exam(s). The first missed exam will be given a score equal to 25% of the average score on exams taken. The second missed exam will be given a score equal to 10% of the score on the exam taken. College authorized or illness excuse must present written proof to eliminate the penalty posed on the missed exam(s). Attendance, Pager and Cellular Phone: You are expected to be on time and attend all classes. There maybe hands-on exercise and quiz every week. Missing any exercise or quiz will severely affect your final grade. Set all cellular phone and pager to silent mode. Lab Assignments and expectations: The MCC lab at building 17 is an open lab. There are no scheduled classes in the center. Therefore, you may use the lab any time when it is open. It is your responsibility to find out the open hours of the lab (594-5611 EXT. 4600). Students are expected to spend 3 to 5 hours to read and complete hands-on exercises each week. For urgent questions, come or call during my office hours. Generally, I will return your call within one to two days during working days. Drop Procedure: I will drop you only if you missed the first class. If you decide to drop the class, it is your responsibility to complete the drop procedure. Ceasing to attend will not drop you from class automatically. After the official drop date, you will receive a grade of A, B, C, D, or F. There will be no "Incomplete" grade. Additional Help: Let me know immediately if special accommodations are needed. I will spend all the time needed to help you in the ICC lab in addition to my office hours, as long as you show your effort to master the course material and assignments. Help your instructor: I am extremely allergic to perfume and cologne. Please avoid using perfume or cologne while attending my classes. Thank you. Disclaimer I reserve the right to make changes in any course syllabus and policy without notice.
