GlobalConfig.net header image 2

May 28th, 2008 · No Comments

Welcome back!

So it's no secret that the Cisco ASA code version 8.0(2) and (3) have been out for a bit. What's the big deal if you are an SNPA student?  To start lets take a look at what is currently in SNPA version 5.0:

  • Basic Configuration
  • addressing and address translations
  • Access-lists
  • What can pass thru this machine
  • AAA
  • Who are you?  What can you do? What did you do?
  • Routing and Switching
  • Static Routes, OSPF, RIP, VLANS, Multicast Routing
  • Modular Policy Framework
  • The real power of the ASA
  • IPSec VPN
  • Site-to-site and “Easy” VPN
  • Review of SNPA 5.0 (cont)
  • SSL VPN
  • The new wave of VPN using a web browser
  • Failover
  • for redundancy
  • Transparent Firewalls
  • hides the firewall
  • ASDM
  • GUI interface
  • IPS Module
  • Really in the IPS class- this is getting the ASA to talk to the module)
  • System Maintenance
  • License Keys, Upgrades, Backup

 Now lets look at some of the new 8.x stuff:        

  • Bulk of New Features related to VPN
  • Some other enhancements to firewall features
  • AnyConnect VPN which is A VPN Client that works on Vista, MAC, Linux, etc.
  • EIGRP, Just like on the Routers
  • TLS Proxy for Encrypted Voice Inspection which is New part of the Modular Policy Framework
  • NAC
  • Threat Detection which is a New Feature in the code that detects attacks and scans auto-magically!  When it sees attacks it alerts you.
  • Secure Logging, This is a feature many people are be interested in
  • Interface Redundancy which is Kinda like sub-interfaces but not.
  • HA Remote Command Execution which lets you Execute Commands to a remote device when doing Active/Active failover
  • IPS virtualization where the ASA can use more that one IPS device (handy when in multiple context mode)
  • Transparent Mode NAT so Now you can do NAT when operating in transparent mode.
  • Object Group Enhancements including a New Service Object
  • Live Hit count on ACLs in ADSM which is Just a really cool feature!
  • Local CA Server
  • and finally User Differentiation which lets you differentiate between local users and remote-access users.

So again, Whats the big deal?  It's a big deal because there are a number of enhancements that are not covered in the current SNPA course nor on the exam….but they will be soon!

Related posts:

  1. links for 2009-08-25 Understanding Route Aggregation in BGP [IP Routing] – Cisco...
  2. Is Core Knowledge Key? In some popular online forums people have been talking about...
  3. links for 2009-07-27 Implementing Features in Cisco Unified Communications Manager a quick...

Related posts brought to you by Yet Another Related Posts Plugin.

Tags: CCIE Security

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment