Implementing Cisco Edge Network Security Solutions (SENSS)


Course Description

This course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco switches, Cisco routers, and Cisco Adaptive Security Appliance (ASA) firewalls. You will acquire the foundational knowledge and capabilities to implement and manage security on Cisco ASA firewalls, Cisco routers with the firewall feature set, and Cisco switches. You will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using Cisco switches, Cisco ASA, and router security appliance feature, as well as provide detailed operations support for these products.

Learning Objectives

  • Security threat landscape
  • Implement Cisco modular network security architectures such as SecureX and TrustSec
  • Deploy Cisco infrastructure management and control plane security controls
  • Configure Cisco Layer 2 and Layer 3 data plane security controls
  • Implement and maintain Cisco ASA Network Address Translations (NAT)
  • Implement and maintain Cisco IOS Software NAT
  • Designing and deploying Cisco Cyber Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection
  • Implement Botnet Traffic Filters
  • Deploy Cisco IOS Zone-Based Policy Firewalls (ZBFW)
  • Configure and verify Cisco IOS ZBFW Application Inspection Policy


  1. Configuring Configure Cisco Policy Protection (CPP) and Management Plane Protection (MPP)
  2. Configure Traffic Telemetry Methods
  3. Configure Layer 2 Data Plan Security
  4. Configure Layer 2 Data Plan Security
  5. Configure NAT on Cisco Adaptive Security Appliance (ASA) Firewall
  6. Configure NAT on Cisco IOS Software
  7. Configure Cisco ASA Access Policy
  8. Configure Cisco ASA Application Inspection Policy
  9. Configure Cisco ASA Botnet Traffic Filter
  10. Configure Cisco ASA Identity Based Firewall
  11. Configure Cisco IOS Software Zone-Based Firewall (ZBFW)
  12. Configure Cisco IOS Software ZBFW Application Inspection Policy Lab Activity Solutions

Related Training

Cisco SD-WAN Operation and Deployment (ENSDW)

Who Should Attend

Network Security Engineers

Course Info

Length: 5 day
Format: Lecture and Lab
Delivery Method: Virtual / Onsite
Max. Capacity: 16

Contact Us


SENSS Data Sheet 20190109.pdf