The IP Security (IPsec) VPN is an essential tool for providing a secure network for business communication, and this course addresses the different protocols and algorithms that IPsec uses and the different security services that IPsec provides. The course also introduces different VPN technologies and examines the various Cisco products that are available and the best practices that you should use with them.
Site-to-site VPNs are the option of choice for organizations of all kinds in implementing a corporate network across public and private networks. Internet-based VPN environments and Multiprotocol Label Switching (MPLS) VPN environments benefit from the flexibility of deployment and standards-based implementation of cryptographic mechanisms. The choice of device terminating VPNs becomes an important factor in implementing site-to-site VPNs. Organizations benefit from leveraging their existing network elements and using an integrated approach to VPN deployments. This course highlights the use of Cisco IOS routers as site-to-site VPN termination points in IPsec environments.
Mobility and IT consumerization market trends influence the need for comprehensive remote access security policies. Secure Sockets Layer (SSL) VPNs are commonly used as a remote access service. As such, SSL VPNs must integrate strong cryptography and standards-based components with deployment and operational efficiencies and endpoint security. To complete this course, the SSL protocol framework and the benefits of the Cisco SSL VPN solution are described. The configuration of clientless and full tunnel SSL VPNs using Cisco Adaptive Security Device Manager (ASDM) and the Cisco AnyConnect Client is also demonstrated.
Network designers, administrators, engineers, and managers; systems engineers; individuals seeking the Implementing Cisco IOS Network Security (IINS) v2.0 640-554 certification, which is associated with the CCNA Security certification exam. Knowledge and skills equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) are required, and a working knowledge of the Windows operating system and Cisco IOS networking and concepts is recommended.
Cisco IINS 2.0: IPsec Fundamentals and VPNs
- identify the essential security functions of IPsec
- distinguish between AH and ESP protocols
- distinguish between IKEv1 and IKEv2
- identify actions to take when preparing for a site-to-site IPsec VPN deployment
- describe actions that can be completed using CCP’s Step-by-step Wizard for configuring a site-to-site IPsec VPN
- recognize how CLI commands are used to verify the IPsec configuration
- recognize what is indicated by specific IPsec states
- create a site-to-site VPN using the CCP site-to-site VPN Wizard
- describe the main challenges facing IT organizations to provide remote and mobile access to corporate resources
- recognize the steps involved in establishing an SSL session
- identify features of full network access SSL VPNs
- identify the tasks required to configure a Clientless SSL VPN using Cisco ASDM
- identify tasks involved in launching the Cisco AnyConnect VPN Wizard