FIREPOWER200: Securing Networks with Firepower Threat Defense NGFW

Important notice!

This course has been retired, and replaced by the new course:

SSNGFW: Securing Networks with Cisco Firepower Next Generation Firewall







The Securing Networks with Cisco Firepower Threat Defense NGFW (FIREPOWER200) course demonstrates the powerful features of Cisco Firepower Threat Defense, including VPN configuration, traffic control, NAT configuration, SSL decryption, advanced NGFW and NGIPS tuning and configuration, analysis and troubleshooting. This course combines lecture materials and hands-on labs throughout to make sure that students are able to successfully deploy and manage the Cisco Firepower system.

Students will learn how to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco ASA to Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). The course will then explore how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. Configuration of site-to-site VPN, remote-access VPN, and SSL decryption are also coverved before moving on to detailed analysis, system administration, and troubleshooting.


This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS and NGFW in their network environments.


Attendees should meet the following prerequisites:

  • Knowledge of TCP/IP and basic routing protocols
  • Familiarity with firewall, vpn and IPS concepts

Course objectives

After completing this course, you should be able to:

  • Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system and identify deployment scenarios
  • Perform initial Firepower Threat Defense device configuration and setup tasks
  • Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense
  • Describe how to implement NAT by using Cisco Firepower Threat Defense
  • Perform an initial network discovery, using Cisco Firepower to identify hosts, applications and services
  • Describe the behavior, usage and implementation procedure for access control policies
  • Describe the concepts and procedures for implementing security Intelligence features
  • Describe Cisco AMP for Networks and the procedures for implementing file control and Advanced Malware Protection
  • Implement and manage intrusion policies
  • Describe the components and configuration of site-to-site VPN
  • Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect
  • Describe SSL decryption capabilities and usage

Course content

Module 1: Cisco Firepower Threat Defense Overview
Module 2: Firepower NGFW Device Configuration
Module 3: Firepower NGFW Traffic Control
Module 4: Firepower NGFW Address Translation
Module 5: Firepower Discovery
Module 6: Implementing Access Control Policies
Module 7: Security Intelligence
Module 8: File Control and Advanced Malware Protection
Module 9: Next-Generation Intrusion Prevention Systems
Module 10: Site-to-Site VPN


There are no exams currenty aligned to this course.