Implementing Cisco Secure Mobility Solutions


Implementing Cisco Secure Mobility Solutions (SIMOS) v1.0 is a newly created five-day instructor-led training (vILT) course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. This course is designed to prepare network security engineers with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. Students of this course will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.

Duration – 5 Days hands-on training
Vendor – Cisco
Audience – Network Security Engineers
Level – Professional
Technology – Cisco
Category – Borderless Networking / Security

Course Content

1. Course Introduction

  • Overview
  • Course Goal and Objectives
  • Course Flow
  • Additional References
  • Your Training Curriculum

2. Fundamentals of VPN Technologies and Cryptography

  • The Role of VPNs in Network Security
  • VPNs and Cryptography

3. Deploying Secure Site-to-SiteConnectivity Solutions

  • Introducing Cisco Secure Site-to-Site Connectivity Solutions
  • Deploying Point-to-Point Ipsec VPNs on the Cisco ASA
  • Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs
  • Deploying Cisco IOS DMVPNs

4. Deploying Cisco IOS Site-toSite FlexVPN Solutions

  • Introducing Cisco FlexVPN Solution
  • Deploying Point-to-Point Ipsec VPNs Using Cisco IOS FlexVPN
  • Deploying Hub-and-Spoke Ipsec VPNs Using Cisco IOS FlexVPN
  • Deploying Spoke-to-Spoke Ipsec VPNs Using Cisco IOS FlexVPN

5. Deploying Clientless SSL VPN

  • Clientless SSL VPN Overview
  • Deploying Basic Cisco Clientless SSL VPN
  • Deploying Application Access in Clientless SSL VPN
  • Deploying Advanced Authentication in Clientless SSL VPN

6. Deploying Cisco AnyConnectVPNs

  • Overview of Cisco AnyConnect VPNs
  • Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
  • Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
  • Deploying Cisco AnyConnect IPsec/IKEv2 VPNs
  • Deploying Advanced Authentication, Authorization, and Accounting in Cisco AnyConnect VPNs

7. Deploying Endpoint Securityand Dynamic Access Policies

  • Implementing Host Scan
  • Implementing DAP for SSL VPNs


The knowledge and skills a learner should have before attending this course:

  • Cisco Certified Network Associate (CCNA) certification
  • Cisco Certified Network Associate (CCNA) Security certification
  • Knowledge of Microsoft Windows operating system

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe the various VPN technologies and deployments as well as the cryptographic algorithms and protocols that provide
  • VPN security.
  • Implement and maintain Cisco site-to-site VPN solutions.
  • Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNs.
  • Implement and maintain Cisco clientless SSL VPNs.
  • Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
  • Implement and maintain endpoint security and dynamic access policies (DAP).

Target Audience

This course is intended primarily for:

  • Network Security Engineers

Associated Certifications & Exam

The 300-209 Implementing Cisco Secure Mobility Solutions (SIMOS) exam tests a network security engineer on the variety ofVirtual Private Network (VPN) solutions that Cisco has available on the Cisco ASA firewall and Cisco IOS software platforms. The exam assesses the knowledge necessary to properly implement secure remote communications through VPN technology such as remote access SSL VPN and Site-to-Site VPN (DMVPN, FlexVPN).