Cisco IINS – Implementing Cisco IOS Network Security, v3.0

In this course you will learn about the design, implementation and monitoring of a comprehensive security policy using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco ASA adaptive security appliance.

Who needs to attend

Who needs to attend?

This course is aimed at network designers, network administrators, network engineers, network managers and systems engineers

what you will learn

What you will learn

  • Describe the current threat landscape
  • Secure the management and control planes of network devices
  • Describe threat defense technologies
  • Secure the management and control planes of network devices
  • Configure AAA on Cisco IOS devices
  • Implement secure management for the Cisco ASA and Cisco IOS routers and switches
  • Secure the control plane
  • Secure the management and control planes of network devices
  • Implement layer 2 infrastructure security
  • Implement layer 2 protocol security
  • Configure management access and NAT on the Cisco ASA
  • Configure access control and service policies on the Cisco ASA
  • Describe IPsec
  • Implement a client-based remote access VPN
  • Implement a clientless remote access VPN
  • Describe IDS and IPS
  • Describe endpoint protection
  • Describe content security
  • Describe advanced network security architectures


Students need to have:

Course outline

Course Outline

Security Concepts

  • Threatscape
  • Threat Defense Technologies
  • Security Policy and Basic Security Architectures
  • Cryptographic Technologies

Secure Network Devices

  • Implementing AAA
  • Management Protocols and Systems
  • Securing the Control Plane

Layer 2 Security

  • Securing Layer 2 Infrastructure
  • Securing Layer 2 Protocols


  • Firewall Technologies
  • Introducing the Cisco ASA v9.2
  • Cisco ASA Access Control and Service Policies
  • Cisco IOS Zone Based Firewall


  • IPsec Technologies
  • Site-to-Site VPN
  • Client Based Remote Access VPN
  • Clientless Remote Access VPN

Advanced Topics

  • Intrusion Detection and Protection
  • Endpoint Protection
  • Content Security
  • Advanced Network Security Architectures


  • Challenge Lab 1: Configure AAA and Secure Remote Administration
  • Challenge Lab 2: Configure Secure Network Management Protocols
  • Challenge Lab 3: Configure Secure EIGRP Routing
  • Challenge Lab 4: Configure Secure Layer 2 Infrastructure
  • Challenge Lab 5: Configure DHCP Snooping and STP Protection
  • Challenge Lab 6: Configure Interfaces and NAT on the Cisco ASA
  • Challenge Lab 7: Configure Network Access Control with the Cisco ASA
  • Challenge Lab 8: Configure Site-to-Site VPN on IOS
  • Challenge Lab 9: Configure AnyConnect Remote Access VPN on ASA
  • Challenge Lab 10: Configure Clientless SSL VPN on the ASA