Cisco Firewalls – ASA and PIX

This course is designed to provide students with the introduction to working with the Cisco ASA and Cisco PIX platforms.

The course is based on practical objectives. Students begin by learning how to configure Interfaces to get the Firewall connected to the network. This then lead into using Access-Lists and how to filter and secure traffic coming through the Firewall. Lastly, the class discusses the various methods to apply Network Address Translation on the Firewall as well as how to configure all the different types of NAT. The course ends by bringing it all together to show how each of the individual topics can be used to create a DMZ configuration.

No scheduled public classes.
Contact us to schedule a private delivery.
1 day / 8 hours
Delivery Format:
Physical Classroom
Virtual – Live delivery
Target Audience

Engineers who operate and deploy Cisco ASA or Cisco PIX Platforms.


Students should have some minor familiarity with configuring Cisco devices (routers/switches/etc).


By the end of class, the student will be able to:

  • Understand and Configure Security Levels on the ASA and PIX Platform
  • Configure interfaces and VLANs to connect a Firewall to the network
  • Build Access-Lists
  • Use and apply Object-Groups in Access-Lists
  • Apply ACLs to Interfaces
  • Understand and Explain the different types of NAT that exist on a Firewall:
    • Static NAT
    • Dynamic NAT
    • Policy NAT
    • NAT Exemption
  • Build a Firewall with a Inside and DMZ interface


  • Security Levels
  • Interfaces and VLANs
    • Configuring IPv4
    • Configuring IPv6
  • Access-lists
    • Syntax
    • Configuration
    • Application
    • IPv6 Access-Lists
  • Object-Groups
  • Network Address Translation
    • Static NAT
    • Dynamic PAT
    • Policy NAT
    • NAT Exemption
    • DNS Doctoring
  • Configuring a DMZ
    • LAB – Configuring a DMZ