Securing Networks with Firepower Next Generation Firewall (SSNGFW)

Course Description

Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW)

The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). 

Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) is one of the concentration electives you can take to certify for the CCNP Security Certification. To complete CCNP Security you will need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.

This course prepares you for the Cisco Certified Specialist - Network Security Firepower Certification.  

Required exam and recommended training

300-710 SNCF

Certification Track - CCNP Security Certification
SCOR (Core) + SSNGFW + SSFIPS (Concentration electives) = CCNP Security Certification

The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) course is also available as part of our Cisco Security Passport, which helps conquer your security challenges.

This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System (SSFIPS). You can take these courses in any order.

The 300-710 SNCF exam certifies your knowledge of Cisco Firepower Threat Defense and Firepower, including policy configurations, integrations, deployments, management, and troubleshooting.

After you pass 300-710 SNCF:

Learning Objectives

  • Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios
  • Perform initial Cisco Firepower Threat Defense device configuration and setup tasks
  • Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower
  • Threat Defense
  • Describe how to implement NAT by using Cisco Firepower Threat Defense
  • Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services
  • Describe the behavior, usage, and implementation procedure for access control policies
  • Describe the concepts and procedures for implementing security intelligence features
  • Describe Cisco Advanced Malware Protection (AMP) for Networks and the procedures for implementing file control and advanced malware protection
  • Implement and manage intrusion policies
  • Describe the components and configuration of site-to-site VPN
  • Describe and configure a remote-access SSL VPN that uses Cisco AnyConnect®
  • Describe SSL decryption capabilities and usage

This class will help you:

  • Implement Cisco Firepower NGFW to provide advanced threat protection before, during, and after attacks
  • Gain leading-edge skills for high-demand responsibilities focused on security


  • Knowledge of TCP/IP and basic routing protocols
  • Familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts


  1. Initial Device Setup
  2. Device Management
  3. Configuring High Availability
  4. Migrating from Cisco ASA to Cisco Firepower Threat Defense
  5. Implementing QoS
  6. Implementing NAT
  7. Configuring Network Discovery
  8. Implementing an Access Control Policy
  9. Implementing Security Intelligence
  10. Implementing Site-to-Site VPN
  11. Implementing Remote Access VPN
  12. Threat Analysis
  13. System Administration
  14. Firepower Troubleshooting

Course Information

Length: 5 day

Format: Lecture and Lab

Delivery Method: Virtual / Onsite

Max. Capacity: 16


Want to learn more? Please fill out the form below and one of our team will reach out to you shortly.

Geography & Location
May 17, 2021 - 5 day(s)
May 17, 2021
$4000 USD
$4000 USD, 40 CLC
Jun 14, 2021 - 5 day(s)
Jun 14, 2021
GTR-Remote/London Time Zone
EMEA, GTR-Remote/London Time Zone
$4000 USD
$4000 USD, 40 CLC
Jun 28, 2021 - 5 day(s)
Jun 28, 2021
APAC, Remote/Sydney
$4000 USD
$4000 USD, 40 CLC
Jul 26, 2021 - 5 day(s)
Jul 26, 2021
Remote/Central Time Zone
AMER, Remote/Central Time Zone
$4000 USD
$4000 USD, 40 CLC
Aug 23, 2021 - 5 day(s)
Aug 23, 2021
Remote/UK Time Zone
EMEA, Remote/UK Time Zone
$4000 USD
$4000 USD, 40 CLC

Who Should Attend

Security administrators, Security consultants, Network administrators, System engineers, Technical support personnel, Channel partners, and resellers