Options
Cisco ASA Training
Hey guys,
I setup Cisco 5505's somewhat often. And publish out servers here and there. But I am certainly no expert. I really think I need to round my skills out with them. I am not so much interested in getting any certs. I just want to up my skill level and general speed with them.
I have the Cisco SNAF and SNAA video series from CBTnuggets and my boss will pay for the ebooks. So I am just curious what kind of hardware I would need?
I suppose I am most concerned about the IDS/IPS part. They are still pretty pricey modules I would think? Can these be emulated?
Other than that, I need something with ADSM access. So a 5505 with Security plus and a PIX525? They both support pretty modern ADSMs, right?
Input welcome.
I setup Cisco 5505's somewhat often. And publish out servers here and there. But I am certainly no expert. I really think I need to round my skills out with them. I am not so much interested in getting any certs. I just want to up my skill level and general speed with them.
I have the Cisco SNAF and SNAA video series from CBTnuggets and my boss will pay for the ebooks. So I am just curious what kind of hardware I would need?
I suppose I am most concerned about the IDS/IPS part. They are still pretty pricey modules I would think? Can these be emulated?
Other than that, I need something with ADSM access. So a 5505 with Security plus and a PIX525? They both support pretty modern ADSMs, right?
Input welcome.
-Daniel
Comments
-
Options
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
get hold of GNS3 and a ASA image, then you can emulate (sorry not emulate, RUN the image) and work on the real thing till your heart is content
create a bridge connection in to you home network, and then you can treat is as a real device and connect ADSM to it.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
OptionsDevilWAH
Member Posts: 2,997 ■■■■■■■■□□
yep
if you can get an image for a ASA then you can run it under GNS3 and will have all the features you would have as if running it on real hard ware. If the image suports it then you will have it.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
Options
mikej412
Member Posts: 10,086 ■■■■■■■■■■
How do you install a simulated AIP-SSM-10 module in an emulated ASA5500 with GNS3?yep:mike: Cisco Certifications -- Collect the Entire Set! -
Options
Ryan82
Member Posts: 428
With a real 5505 you are still going to miss out on some of the exam topics such as high availiability and multiple security contexts. But for the price to bump up to the 5510 level it may be worth just reading about.
The AIP-SSM is pricey. Last time I checked, it cost more than my ASA.
One option may be to get a dedicated IPS appliance like the 4215. That way you can get familar with the IPS software/operations. Make sure it supports recent enough code similar to what the ASA would run. -
Options
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
yep
if you can get an image for a ASA then you can run it under GNS3 and will have all the features you would have as if running it on real hard ware. If the image suports it then you will have it.
In Windows? -
Optionsmikej412
Member Posts: 10,086 ■■■■■■■■■■
You can run the ASA code and the IPS device 6.x code (and Juniper code) in Qemu (and GNS3 since it added the support for Qemu).
Check out the Security Section on the GNS3 doc page: http://www.gns3.net/documentation:mike: Cisco Certifications -- Collect the Entire Set! -
OptionsDevilWAH
Member Posts: 2,997 ■■■■■■■■□□
I was jsut going to point you to this page
Hardware emulated by GNS3 | GNS3
which is a list of what can be emulated
Cisco PIX firewalls
A special version of Qemu called PEMU is embedded into GNS3 for emulating the PIX 525 Security Appliance. PIX software up to version 7.2(4) is supported.
Cisco ASA firewalls
Qemu/GNS3 emulates ASA5520 (ASA 5520 Series Adaptive Security Appliance) hardware to run ASA software up to version 8.0(2).
Cisco IDS sensors
Qemu/GNS3 emulates an IDS 4235/4215 Sensor. The software IPS is known to run with release 6.0.
AS you can see it might not be perfect but should be more than enough to get you on your way to learning firewalls/ASA- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
OptionsDevilWAH
Member Posts: 2,997 ■■■■■■■■□□
In Windows?
GNS3 runs just fine in windows. Why not windows? although I actully run GNS3 under linux as it seems more stable.
The only issue you have is getting hold of a legal image to use. As far at this is concerned it is up to you to find one.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com
