ngfw

The video shows you the procedure to manually backup and restore configuration on Cisco PSRM server and ASA CX via command line. From this, you will know what to expect should you ever need to whether revert back config changes or recover from a disaster.

The video demonstrates NG IPS capability of Cisco ASA CX. We will go through IPS Profile configuration, threat level adjustment, and available threat response actions. We will test our configuration by simulating a bot communication attempt to an IRC server using an IRC client. You will get to see CX IPS in action in this video.

The video show you how to configure Cisco ASA CX to perform traffic restriction based on MIME file type. We will demonstrate this through file download and upload to a SharePoint server via HTTP and HTTPS. At the end, we will try to run FTP, a non-MIME supported protocol, through an access policy and discuss the outcome of the testing.

The video shows you how to configure Cisco ASA CX to enforce Active Authentication and apply the same decryption and access policies to the remote VPN user so they can have the same user experiences as those locating inside the network. We will perform additional traffic restriction based on client operating system using information provided by Cisco AnyConnect client, as well as user browser type using User Agent attribute.  

The video shows you how to configure Cisco ASA CX to enforce Active Authentication and apply the same decryption and access policies to the remote VPN user so they can have the same user experiences as those locating inside the network. We will perform additional traffic restriction based on client operating system using information provided by Cisco AnyConnect client, as well as user browser type using User Agent attribute.  

The video shows you how to configure Cisco ASA CX to perform web filtering. We will be creating a whitelist and blacklist of website URL that we want to enforce on our users. We will then take one step further and leverage website category that is built into the CX. In addition to a deny action, we will explore a warn option and try to explore its behavior. To show you the flexibility of web category, we will apply it to decryption policy to get better control of the type of traffic that will or will not get decrypted. The video finishes by showing you the customization of user notification pages.

The video shows you how to configure Cisco ASA CX to perform web filtering. We will be creating a whitelist and blacklist of website URL that we want to enforce on our users. We will then take one step further and leverage website category that is built into the CX. In addition to a deny action, we will explore a warn option and try to explore its behavior. To show you the flexibility of web category, we will apply it to decryption policy to get better control of the type of traffic that will or will not get decrypted. The video finishes by showing you the customization of user notification pages.

The video demonstrates Cisco ASA CX ability to perform application matching beyond just protocols and ports by using Application Visibility and Control (AVC) feature. You will see how to deploy access policy at ease without worrying about being circumvented by application running on non-default port, or even those that sprawl multiple dynamic ports. This intelligence take you as far as matching based on a group of application by type, and specific application behavior. All of these will be demonstrated through three applications; RDP, Bittorrent, and Facebook, in this lab.