Implementing Cisco Threat Control Solutions V1.0


Implementing Cisco Threat Control Solutions (SITCS) v1.0 is a newly created five-day instructor-led training (vILT) course, which is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Next Generation Firewall (NGFW) as well as Web Security, Email Security and Cloud Web Security. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed security on Cisco ASA firewalls utilizing Cisco Next Generation product solution which integrates Cisco Prime Security Manager for managing identity policies. The student will gain hands-on experience with configuring various advanced Cisco security solutions for mitigating outside threats and securing traffic traversing the firewall. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco’s Next Generation Firewall security appliance feature and provide operational support for Intrusion Prevention Systems, Email Security, and Web based security appliances.

Duration – 5 Days hands-on training
Level – Professional
Technology – Cisco
Category– Cisco Borderless Networking / Security
Delivery Method Training Credits / Vouchers
Instructor-led Cisco Learning/ Credits Accepted

Course Content

1. Course Introduction

  • Overview
  • Course Goal and Objectives
  • Course Flow
  • Additional References
  • Your Training Curriculum

2. Cisco ASA Next-GenerationFirewall (NGFW) Services

  • Describing the Cisco Modular Network Architecture
  • Describing the Cisco ASA (CX)
  • NGFW Management Architecture
  • Configure Cisco ASA (CX) NGFW Policy Objects
  • Monitoring Cisco ASA (CX) NGFW Operations
  • Configuring Cisco ASA (CX) NGFW Access Policies
  • Configuring Cisco ASA (CX) NGFW Identity Policies
  • Configuring Cisco ASA (CX) NGFW Access Decryption Policies
  • Module Summary

3. Cisco Web Security Appliance

  • Describing The Cisco Web Security Appliance (WSA) Solutions
  • Integrating the Cisco Web Security Appliance
  • Configuring Cisco Web Security Appliance Identities and User
  • Authentication Controls
  • Configuring Cisco Web Security Appliance Acceptable Use
  • Control
  • Configuring Cisco Web Security Appliance Anti-Malware Controls
  • Configuring Cisco Web Security Appliance Decryption
  • Configuring Cisco Web Security Appliance Data Security Controls
  • Module Summary

4. Cisco Cloud Web Security

  • Describing the Cisco Cloud Web Security Solution
  • Configuring Cisco Cloud Web Security Connectors
  • Describing the Web Filtering Policy in Cisco ScanCenter
  • Module Summary

5. Cisco Email Security Appliance

  • Describe the Cisco Email Security Solutions
  • Describing the Cisco Email Security Appliance Basic Configuration
  • Deploying Cisco ASA Application Inspection Policies
  • Summary

6. Cisco Intrusion Prevention Systems

  • Describing IPS Threat Controls
  • Integrating Cisco IPS Sensor into a Network
  • Configuring Basic Cisco IPS Settings
  • Tuning Cisco IPS Signatures
  • Configuring Custom Cisco IPS Signatures
  • Configuring Cisco IPS Anomaly-Detection
  • Configuring Cisco IPS Reputation-Based Features
  • Summary


The knowledge and skills a learner should have before attending:

  • Cisco Certified Network Associate (CCNA) certification
  • Cisco Certified Network Associate (CCNA) Security certification
  • Knowledge of Microsoft Windows operating system

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Understand Cisco ASA Next-Generation Firewall (NGFW)
  • Deploy Cisco Web Security appliance to mitigate malware
  • Configure Web Security appliance for acceptable use controls
  • Configure Cisco Cloud Web Security Connectors
  • Describe Cisco Email Security Solution
  • Configure Cisco Email Appliance Incoming and Outgoing Policies
  • Describe IPS Threat Controls
  • Configure and Implement Cisco IPS Sensor into a Network

Target Audience

This course is intended primarily for:

  • Network Security Engineers

Associated Certifications & Exam

The 300-207 Implementing Cisco Threat Control Solutions (SITCS) exam tests a network security engineer on advanced firewall architecture and configuration with Cisco’s Next Generation Firewall (NGFW) utilizing access and identity polices. This exam covers integration of Intrusion Prevention System (IPS) and context-aware firewall components, as well as Web (Cloud) and Email Security solutions.