Implementing Cisco IOS Network Security (IINS)


In this course, you will learn about the design, implementation and monitoring of a comprehensive security policy using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA).

This course enables you to perform basic tasks to secure a network using Cisco IOS security features, which are available through web-based GUIs on the Cisco ASA and the command-line interface (CLI) on Cisco routers and switches. Site-to-site virtual private network (VPN) configuration is covered on both the Cisco IOS and the Cisco ASA. Modern malware examples are included in this course as are cryptographic techniques using stronger hashing and encryption algorithms. Current versions of Cisco IOS, Cisco ASA and Cisco AnyConnect are featured.

who should attend

Network Designers

Network, Systems and Security Engineers

Network and Security Managers


Working knowledge of the Windows operating system

Working knowledge of Cisco IOS networking and concepts

learning objectives

  • Common network security concepts
  • Secure routing and switching infrastructure
  • Deploy basic authentication, authorization and accounting services
  • Deploy basic firewalling services
  • Deploy basic site-to-site and remote access VPN services
  • Advanced security services such as intrusion protection, content security and identity management
  • Develop a comprehensive network security policy to counter threats against information security
  • Configure routers with Cisco IOS software security features, including management and reporting functions
  • Bootstrap the Cisco ASA Firewall for use in a production network
  • Configure the Cisco ASA Firewall for remote access to a Secure Sockets Layer (SSL) VPN
  • Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
  • Configure site-to-site VPNs using Cisco IOS features
  • Configure security features on IOS switches to mitigate various Layer 2 and Layer 3 attacks
  • How a network can be compromised using freely available tools
  • Implement line passwords and enable passwords and secrets
  • Examine authentication, authorization and accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
  • Configure packet filtering on the perimeter router

course information

  • Length:

    5 day

  • Format:

    Lecture and Lab

  • Delivery Method:

    Virtual / Onsite

  • Max Capacity:


Contact Us


  • Lab 1: Exploring Cryptographic Technologies
  • Lab 2: Configure and Verify AAA
  • Lab 3: Configuration Management Protocols
  • Lab 4: Securing Routing Protocols
  • Lab 5: VLAN Security and ACLs on Switches
  • Lab 6: Port Security and Private VLAN Edge
  • Lab 7: Securing DHCP, ARP, and STP
  • Lab 8: Explore Firewall Technologies
  • Lab 9: Cisco ASA Interfaces and NAT
  • Lab 10: Access Control Using the Cisco ASA
  • Lab 11: Exploring Cisco IOS Zone-Based Firewall
  • Lab 12: Explore IPsec Technologies
  • Lab 13: IOS-Based Site-to-Site VPN
  • Lab 1: ASA-Based Site-to-Site VPN
  • Lab 14: Remote Access VPN: ASA and AnyConnect
  • Lab 15: Clientless Remote Access VPN
  • Lab 16: Configure AAA and Secure Remote Administration
  • Lab 17: Configure Secure Network Management Protocols
  • Lab 18: Configure Secure EIGRP Routing
  • Lab 19: Configure Secure Layer 2 Infrastructure
  • Lab 20: Configure DHCP Snooping and STP Protection
  • Lab 21: Configure Interfaces and NAT on the Cisco ASA
  • Lab 22: Configure Network Access Control with the Cisco ASA
  • Lab 23: Configure Site-to-Site VPN on IOS
  • Lab 24: Configure AnyConnect Remote Access VPN on ASA
  • Lab 25: Configure Clientless SSL VPN on the ASA

upcoming training sessions

Jul 08, 2019Remote CDT5 DAY COURSE
Jan 20, 2020Remote CST5 DAY COURSE