© 1999, Cisco Systems, Inc. 1-1 Chapter 1 Introduction
© 1999, Cisco Systems, Inc. MCNSv2.01-2
© 1999, Cisco Systems, Inc. MCNSv Objectives Upon completion of this course, you will be able to perform the following tasks: Identify network security threats Evaluate a network security policy Secure remote dialin access using CiscoSecure ACS (for MS Windows NT) and Cisco IOS AAA software features Protect Internet access by configuring a Cisco perimeter router and a PIX Firewall Use IPSec features in Cisco IOS software to create a secure VPN
© 1999, Cisco Systems, Inc. MCNSv Prerequisites Internetworking Technology Multimedia self study and Introduction to Cisco Router Configuration (ICRC) or Cisco Routers and LAN Switches (CRLS) and Advanced Cisco Router Configuration (ACRC) and Six months experience configuring Cisco routers and Familiarity with configuring Cisco dialup networking Managing Cisco Network Security (MCNS) 2.0 Interconnecting Cisco Network Devices (ICND) or
© 1999, Cisco Systems, Inc. MCNSv Participant Responsibilities Student Responsibilities Complete Prerequisites Participate in Laboratory Exercises Ask Questions
© 1999, Cisco Systems, Inc. MCNSv General Administration Class Related Sign-in sheet Length and times Break and lunch room locations Attire Facilities Related Participant materials Site emergency procedures Rest rooms Telephones/faxes
© 1999, Cisco Systems, Inc. MCNSv © 1999, Cisco Systems, Inc Student Introductions
© 1999, Cisco Systems, Inc. MCNSv Introductions Your name Your company Pre-req skills Brief History Objective
© 1999, Cisco Systems, Inc. MCNSv © 1999, Cisco Systems, Inc Course Syllabus
© 1999, Cisco Systems, Inc. MCNSv Class Syllabus LUNCH Day 1 AMDay 1 PMDay 2 AMDay 2 PMDay 3 AM Course Introduction Evaluating Network Security Threats Configuring PIX Firewall Basics Securing Network Access with CiscoSecure Access Control Server Configuring Access Through the PIX Firewall Configuring NAS for AAA Security LUNCH Configuring Multiple Interfaces and AAA on the PIX Configuring Advanced PIX Features Configuring a Cisco Perimeter Router Configuring Cisco Secure Integrated Software Configuring NAS for AAA Security
© 1999, Cisco Systems, Inc. MCNSv
© 1999, Cisco Systems, Inc. MCNSv Class Syllabus (cont.) LUNCH Day 3 PMDay 4 AMDay 4 PMDay 5 AMDay 5 PM Configuring Cisco IOS IPSec Configuring Cisco IPSec Client Understanding Cisco IOS IPSec Support LUNCH Configuring Cisco IOS IPSec Scaling Cisco IPSec Networks
© 1999, Cisco Systems, Inc. MCNSv © 1999, Cisco Systems, Inc Graphic Symbols Used in the Course
© 1999, Cisco Systems, Inc. MCNSv Graphic Symbols Ethernet Link RouterWorkgroup Switch High-End Switch PIX Firewall R2 NAS NetSonarNetRanger Director or Sensor Internet Dialup Client NT Server: CiscoSecure, Web, FTP, TFTP, Syslog Server PC, Workstation, or Server
© 1999, Cisco Systems, Inc. MCNSv © 1999, Cisco Systems, Inc XYZ Company Description
© 1999, Cisco Systems, Inc. MCNSv CA Server PIX Firewall Web Surfer Remote Branch Internet Web Server Internet Protected DMZ Dirty DMZ NetRanger Sensor Outside DMZ Inside Dialup R2 NAS ClientServer Campus Router Bastion Host SMTP Server DNS Server IS NT Server: CiscoSecure, Web, FTP, TFTP, Syslog Server NetRanger Director NetSonar Dialup Client Sales XYZ Company Enterprise Bastion Host R1 Perimeter Router
© 1999, Cisco Systems, Inc. MCNSv © 1999, Cisco Systems, Inc MCNS Lab Description
© 1999, Cisco Systems, Inc. MCNSv PIX1 Firewall Protected DMZ Dirty DMZ X.0 /24.2 Outside X.0/24.1 DMZ Inside.3 NAS IS.1 10.X.2.1 /24 10.X.2.2 to 10.X.2.10 /24 Windows NT PC NT1 NT Server: CiscoSecure NT, IIS FTP and Web Server Cisco Security Manager, Syslog Server, TFTP Server.4 Instructor NT Server: FTP, HTTP, CA / X.1 /30 Perimeter Router 10.X.1.0 /24 Bastion Host: Web Server FTP Server.3 Sales Dialup Frame Relay (Internet) Telco Simulator 100X MCNS Lab Environment Generic.1.2 X = POD #
© 1999, Cisco Systems, Inc. MCNSv Blank for notes