Cisco Security Manager 3.x supports integrated provisioning of VPN and firewall services across IOS routers, PIX, ASA security appliances, IPS, and services modules in Catalyst 6500 switch series and Cisco 7600 router series devices. The resulting learning product, SMN v1.1, is a performance-based course comprised of lessons and lab activities.

Cisco Security Manager centrally provisions all aspects of device configurations and security policies for Cisco firewalls, virtual private networks (VPNs), and Cisco Intrusion Prevention System (IPS). It also supports advanced settings that are not strictly related to security, such as quality of service (QoS) routing and Simple Network Management Protocol (SNMP).

Cisco Security Manager 3.x is suitable for managing small networks consisting of a handful of devices, but also scales to efficiently manage large scale networks consisting of thousands of devices. Scalability is achieved through intelligent policy-based management techniques that can simplify administration.

Objectives

• Describe the Cisco Security Manager solution, features, and functions
• Describe how to manage devices in Cisco Security Manager
• Describe the concept of policies in Cisco Security Manager and how to use and manage them
• Describe the concept of objects in Cisco Security Manager and how to use and manage them
• Describe how to use the Map view
• Describe various services and platform policies that are used to manage site-to-site VPN, remote-access VPN, and SSL VPN
• Describe various firewall services that are used to manage firewall-related policies
• Describe how to configure platform policies on firewall devices
• Describe how to configure platform-specific services and policies on Cisco IPS sensors and Cisco IOS IPS devices
• Describe how to configure platform policies and interface policies on Cisco IOS routers
• Describe how to configure platform-specific services and policies on Catalyst 6500 Series Switches and Cisco 7600 Series Routers
• Describe the FlexConfig feature and how to use it
• Describe the process of working with activities and managing deployment in Cisco Security Manager
• Describe monitoring, troubleshooting, and diagnostic tools that are available in Cisco Security Manager

Who Should Attend

The primary and secondary audience for this course is as follows:

• Engineers who support sales of Cisco security product solutions
• Cisco channel partners who sell, implement, and maintain secure networks
• Cisco customers who implement and maintain secure networks

• Cisco CCSP® certification or the equivalent knowledge
• Passage of the Securing Networks with PIX and ASA exam (642-522 SNPA) and the Securing Networks with Cisco Routers and Switches exam (642-503 SNRS) or equivalent knowledge.
• Familiarity with implementing network security policies and these networking components and concepts:

• Security Technologies: NAT, PAT, firewall appliances, VPN, IPS, CSA, ACS, integrated router and switch security and security management software.

• Security Protocols: AAA, IPSec, IKE, and various tunneling protocols.

• Application Protocols: HTTP, HTTPS, ICMP, SSH, SSL, NTP, FTP, TFTP, DNS etc.