29 Aug, 2015
Text Size


This class is equally suited to specialists new to the world of Cisco and the Cisco way of managing devices, or staff familiar with Cisco IOS and wishing to explore the management techniques for Cisco PIX configuration.

This introduction will soon get you up and running with Cisco PIX firewalls and serves as a solid foundation for the further study needed to prepare for Cisco certification: Exam 642-552 “SND Securing Cisco Network Devices with PIX”.


A general familiarity with networking concepts and firewall technology in general is assumed. This understanding can be obtained by attending either of our Introduction of Firewalls course or our CCNA Routing and Switching course.


2 days. Hands on.

This course is available on site only. Please call for details.

Course Objectives

After the course, you will be able to describe the features, functions and benefits of Cisco PIX Firewall. Also, you will be able to perform basic configuration such as routing, sending messages, DHCP, special protocol handling, AAA, shunning, VPN. You will be able to debug, test and verify PIX Firewall operations. The training lab is equipped with Cisco PIX security devices and you will be able to configure your own firewall as the event unfolds.

Course Content

Install and Configure a Security Appliance for Basic Network Connectivity
Describe the Security Appliance hardware and software architecture.
Use setup or the CLI to configure basic network settings, including interface configurations.
Use appropriate show commands to verify initial configurations.
Configure NAT and global addressing to meet user requirements.
Configure DHCP client option.
Set default route.
Configure static address translations.
Configure Network Address Translations: PAT.
Verify network address translation operation.
Configure logging options.
Explain the information contained in syslog files.

Configure a Security Appliance to Rrestrict Inbound Traffic
Configure access-lists to filter traffic based on address, time, and protocols.
Configure Network Address Translations: Nat0.
Configure Network Address Translations: Policy NAT.
Configure URL filtering.
Verify inbound traffic restrictions.
Configure static port redirection.
Connection limits.

Configure a Security Appliance using Site-to-Site VPNs
Explain the basic functionality of IPsec.
Configure IKE with preshared keys.
Differentiate between the types of encryption.
Configure IPsec parameters.

Configure AAA Services for the Security Appliance
Configure Security Appliance to use AAA feature.
Configure authentication using both local and external databases.
Configure authorization using an external database.
Configure the ACS server for downloadable ACLs.
Configure accounting of connection start/stop.
Verify AAA operation.

Monitor and Manage an Installed Security Appliance
Obtain and apply OS updates.
Backup and restore configurations and software.
Explain the Security Appliance file management system.
Perform password/lockout recovery procedures.
Configure passwords for various access methods: Telnet, serial, enable, SSH.
Configure various access methods: Telnet, SSH, ASDM.
Configure command authorization and privilege levels.
Configure local username database.
Verify access control methods.
Add, delete, and modify syslog messages.

Search Public Courses

Course Contact Form

Please complete the form to enquire about running a course at your premises or one of our training facilities