Cisco NGFW Firepower Threat Defense (FTD) Course

Intermediate English
Created by Ahmad Ali
Last updated Tue, 24-Jan-2023
+ View more

Course overview

The Cisco Firepower Threat Defense NGFW Implementation Training course shows you how to use and configure Cisco Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, Network Address Translation (NAT) and Policies.

This course teaches you how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features. Cisco Firepower Threat Defense and Firepower including policy configurations, integrations, deployments, management and troubleshooting. These courses, Securing Networks with Cisco Firepower, and Securing Network with Cisco Firepower Next-Generation Intrusion Prevention System help candidates prepare for this exam.

  • 1.1 Implement NGFW modes

    • 1.1.a Routed mode

    • 1.1.b Transparent mode

    1.2 Implement NGIPS modes

    • 1.2.a Passive

    • 1.2.b Inline

    1.3 Implement high availability options

    • 1.3.a Link redundancy

    • 1.3.b Active/standby failover

    • 1.3.c Multi-instance

    1.4 Describe IRB configurations

  • 2.0 Configuration

    2.1 Configure system settings in Cisco Firepower Management Center

    2.2 Configure these policies in Cisco Firepower Management Center

    • 2.2.a Access control

    • 2.2.b Intrusion

    • 2.2.c Malware and file

    • 2.2.d DNS

    • 2.2.e Identity

    • 2.2.f SSL

    • 2.2.g Prefilter

    2.3 Configure these features using Cisco Firepower Management Center

    • 2.3.a Network discovery

    2.4 Configure objects using Firepower Management Center

    • 2.4.a Object Management

    • 2.4.b Intrusion Rules

    2.5 Configure devices using Firepower Management Center

    • 2.5.a Device Management

    • 2.5.b NAT

    • 2.5.c VPN

    • 2.5.d QoS

    • 2.5.e Platform Settings

  • 3.0 Management and Troubleshooting

    3.1 Troubleshoot with FMC CLI and GUI

    3.2 Configure dashboards and reporting in FMC

    3.3 Troubleshoot using packet capture procedures

Bu kurs kimler için uygun:

  • Course has been designed for anyone who wants to start learning NGFW
  • This course is for students trying to learn the CCNP Security
  • Any Network or Security Engineer want to learn or polish their Skills.
  • Network and Security Engineers

What will i learn?

  • Implement NGFW modes
  • Implement high availability options
  • Configure these policies in Cisco Firepower Management Center
  • Configure devices using Firepower Management Center
  • Configure and verify site-to-site VPN and remote access VPN
  • Implement segmentation, access control policies, AVC, URL filtering
  • Implement NGIPS modes
  • Configure system settings in Cisco Firepower Management Center
  • Configure these features using Cisco Firepower Management Center
  • Firepower initial bootstrap and setup


  • Basic IP and security knowledge is nice to have
  • Students need to understand basic networking
  • CCNA routing and Switching Knowledge
  • Students needs to understand Networking Fundamentals
  • CCNA Security or Equivalent


98 Lessons 31:10:04 Hours
Cisco NGFW Firepower Threat Defense (FTD)
51 Lessons 13:32:25 Hours
  • Introduction and Concept of Cisco Firepower (FTD and FMC)
  • Install and Add Cisco FTD 6.2.3-83 on EVE NG
  • Install and Add Cisco FMC 6.2.3-83 on EVE NG
  • Introduction to FDM (Firepower Device Manager)
  • Configure and Setup Cisco FTD Lab for FDM Access
  • Configure and Verify Cisco FTD Using FDM Lab
  • Firepower Device Manager Main Page walkthrough
  • FDM, System Settings, Management Access List
  • FDM, System Settings, Diagnostic Logging
  • FDM, System Settings, DHCP Server Configuration
  • FDM, System Settings, DNS Server Configuration
  • FDM, System Settings, Management Interface
  • FDM, System Settings, Device Hostname Configuration
  • FDM, System Settings, Network Time Protocol NTP
  • FDM, System Settings, HTTP Proxy Configuration
  • FDM, System Settings, Web Analytics Settings
  • FDM, System Settings, Reboot or Shutting Down
  • FDM, System Settings, URL Filtering Settings
  • FDM, Top Upper Right Conner Menu Walkthrough
  • Configure & Verify Objects Firepower Device Manager
  • Configure and Verify ACP Firepower Device Manager
  • FDM, Introduction & Walkhrough Monitoring Dashboards
  • FDM, Configure and Verify Main Page Device Groups
  • Configure and Setup Cisco FTD Lab for FMC Access
  • Firepower Threat Defense First Time Configuration
  • Firepower Management Center First Time Configuration
  • Activate Smart License Evaluation Mode in Cisco FMC
  • Register and Verify Cisco FTD Firewall to Cisco FMC
  • Cisco FTD Initial Working Lab Using the Cisco FMC
  • Cisco Firepower Management Center (FMC) Main Menu
  • Deploy Configuration and Message Center Details
  • Configure and Verify System Settings In Cisco FMC
  • Introduction and Concept of Access Control Policies
  • Configure and Verify HTTP Responses Pages in FMC
  • Introduction and Concept of URL Filtering in FTD
  • Configure and Verify Custom URLs Object Filtering
  • Configure and Verify URL and Web Category Filtering
  • Introduction and Concept of Security Intellignece
  • Configure and Verify Security Intelligence SI Lab
  • Security Intelligence Custom Blacklist & Whitelist
  • Security Intelligence Global Blacklist & Whitelist
  • Introduction and Concept of DNS Policy in Cisco FTD
  • Configure and Verify Domain Name System (DNS) Policy
  • Introduction and Concept of Pre-Filtering Policy FTD
  • Configure and Verify Pre-Filtering Policy in FTD Lab
  • Introduction and Concept of SSL Decryption Policy FTD
  • Configure and Verify SSL Decryption Policy FTD Lab
  • Introduction and Concept of Malware & File Policy
  • Configure and Verify Malware and File Policy Lab
  • Introduction and Concept of Network Discovery Policy
  • Configure and Verify Network Discovery Policy Lab
  • Introduction, Theory and Concept of Intrusion Policy
  • Configure & Verify Variable Set for Intrusion Policy
  • Introduction and Theory of Intrusion Policy Main Page
  • Configure and Verify Intrusion Policy in Cisco FTD Lab
  • Configure and Verify Custom Intrusion Rule in Cisco FTD
  • Introduction, Theory and Concept of NAT and PAT in FTD
  • Configure & Verify Manual/Auto Static NAT in Cisco FTD
  • Configure & Verify Manual/Auto Static PAT in Cisco FTD
  • Configure & Verify Manual/Auto Dynamic NAT in Cisco FTD
  • Configure & Verify Manual/Auto Dynamic PAT in Cisco FTD
  • Configure & Verify PAT Pool and PAT Options in Cisco FTD
  • Configure & Verify Manual/Auto Identity NAT in Cisco FTD
  • Configure & Verify Manual Policy NAT in Cisco FTD Firewall
  • Introduction and Concept of Deployment and Interface Modes
  • Configure and Verify Cisco FTD Subinterface Deployment
  • Configure and Verify Cisco FTD Passive Interface Mode
  • Configure & Verify Cisco FTD Inline and Inline Tap Modes
  • Configure & Verify Cisco FTD Transparent Mode Deployment
  • Configure and Verify Cisco FTD Redundant Interfaces Mode
  • Introduction, Theory and Concept of High Availability (HA)
  • Configure and Verify Active/Standby High Availability FTD
  • Introduction, Theory and Concept of Multi-Instance in FTD
  • Introduction, Theory and Concept of Quality of Service QoS
  • Configure and Verify Quality of Service (QoS) Lab in FTD
  • Introduction and Concept of Cryptography and Terminologies
  • Introduction & Concept of Symmetric & Asymmetric Encryption
  • Introduction and Concept of Cryptography Hash (SHA and MD5)
  • Introduction and Concept of Virtual Private Network (VPN)
  • Introduction and Concept of IPSec Protocols and Features
  • Introduction and Concept of Diffie-Hellman (DH) Group
  • Introduction and Concept of SSL and TLS and Hand shake
  • Introduction and Concept of IKE1, IKE2 Versions and Modes
  • Internet Key Exchange IKE Phase 1 two different Modes Lab
  • Introduction to Policy-Based and Route-Based VPNs and Types
  • Configure and Verify Site-to-Site Policy-Based VPN in FTD
  • Configure and Verify the NAT Exemption in Site-to-Site VPN
  • Configure & Verify Cisco Anyconnect Remote Access VPN in FTD
  • Introduction to Cisco FTD Command Line Interface (CLI) Modes
  • Introduction to Troubleshooting, Tshoot Approaches and Tools
  • Introduction to Advanced Troubleshoot with FMC CLI and GUI
  • Configure & Verify Troubleshoot using packet-Tracer CLI & GUI
  • Configure & Verify Troubleshoot using packet Capture CLI & GUI
  • Verify Difference between Firepower Engine and Firewall Engine
  • Intro, Configure & Verify Dashboards and Reporting in Cisco FMC
  • Introduction and Concept of Cisco Threat Intelligence Director
  • Implement TID for Third-Party Security Intelligence Feeds in FMC
  • Cisco NGFW Firepower Threat Defense (FTD) Course Slides
Daniel Lardeux
Daniel Lardeux Senior Network Consultant at Post Telecom

I passed the CCDE Practical exam and Orhan’s CCDE course was very important contributor to my success. I attended the CCDE course of Orhan Ergun in July and it was exactly what I needed, Orhan is taking the pain to break down the different technologies.

Roy Lexmond
Roy Lexmond Senior Network Designer at Routz CCDE #20150017 & CCIE R&S; #26557

After I attended Orhan Ergun’s CCDE course I passed the CCDE practical exam.I really enjoyed the course a lot.

Before I signed up I didn’t know what to expect but it’s for sure a great design course and preparation for the CCDE exam. Mainly because of the interaction with Orhan who is really an expert in explaining all the different technologies and making perfect designs out of them.

Nicholas Russo
Nicholas Russo Network Consulting Engineer (CCDE/CCIEx2), Cisc

I signed up for Orhan’s CCDE training. This training is very technically detailed and the use-cases, quizzes, scenarios, and mind maps are all great resources in the overall training program. Orhan teaches his students to think like a network designer by applying technology to meet business requirements and design specifications.

Slide Heading
Slide Heading Network Systems Engineer at Conscia A/S CCIE #42544 (SP) & CCDE #20160015

Orhan is forcing you to take off the implementation hat that most of us have been wearing for many years, instead he is providing a new fancy design hat, which makes you see and deal with the issues presented. At the beginning of this CCDE course you many times are sitting thinking ‘I could solve this issue with some fancy trick/feature’, all because you keep thinking implementation. However as the course goes on Orhan is helping you to fill your new fancy design hat with all the important information not only for designing, meeting business requirements, but also dealing with the interaction of the protocols. If you’re trying to get your head into a new hat, chasing the CCDE exam, or just wants to get on top with network design, I would go to Orhan today.

Kim Pedersen
Kim Pedersen CCIE in RS and SP (#29189) CCDE#20170021

I’ve used Orhan’s self-paced CCDE training material. If you are interested in knowing how all the technologies go together in a coherent design i can highly recommend it.I also enjoyed the Quizzes which helped pick out my weak spots in selecting an appropriate design. So if you are serious about either learning more about the design aspects of networking or you are going for the CCDE practical, you should take a hard look at Orhan’s Self-paced Training option.

Laurent Metzger
Laurent Metzger 3xCCIE/CCDE Senior Network Architect

Hi Orhan. I passed the CCDE exam on February 22. I read everything that you put on your Self Paced CCDE Training course and it was very helpful in my success. Thank you very much.

Martin J. Duggan
Martin J. Duggan Network Architect at AT&T;, Ciscopress Author CCDE #20160006 & CCIE#7942

I attended Orhan’s April 201610 days CCDE Bootcamp. I am CCDE now !

You can tell Orhan has a great deal of experience, it really comes through when he presents his design case studies and the CCDE Practical scenarios.

Muhammad Abubakar
Muhammad Abubakar Lead Network Architect – CCDE #20160016 2xCCIE #26693 2xJNCIE VCIX

Your excellent CCDE materials and amazing Bootcamp helped me tremendously through my learning journey.Also thank you very much for being available whenever I have a design question or a complex design topics. I can’t compare your design skills and training with anyone in the industry.

I definitely strongly recommend you whoever wants to understand the network design in detail and wants to pass CCDE exam.

Jennifer Pai
Jennifer Pai Network/Security Engineer at KNET Technology

Thanks Orhan very much for this course. It helped strengthen my “Network design mind”.

Ruslan Silyayev
Ruslan Silyayev Solution Architect at R.I.S.K Company

Training by Orhan is not a CCDE preperation training only. It will be useful for engineers which are dealing with design. You want to pass CCDE exam or learn network design, then don’t look at anywhere else!

Sameer Meher
Sameer Meher Solutions Architect at 23 Wards/Japan

Orhan Ergun’s CCDE course was really very good. CCDE Level Intelligence was delivered very well and with very useful case studies and the scenarios, I am thankful to Orhan for all his help!

Ken Young
Ken Young Senior Technical Architect Province of Nova Scotia, 2xCCIE #41597 | CCDE #20170047

If anyone wants to understand network design and architecture, also pass CCDE exam , I recommend you to attend Orhan’s online courses! I am a CCDE now but learning is a journey, we will be together in your other courses too Orhan!

Matt Cross
Matt Cross Technical Architect at Heartland – CCDE #2019::7

Orhan did an excellent job of filling in the gaps of knowledge that I had that took me to the finish line of the practical exam CCDE. The community of people that Orhan facilitates are both engaging and supportive of the journey to CCDE. Orhan was always quick to answer any email or chat messages that I sent him. Overall I am very happy with the time spent engaged in the material and bootcamp. Thanks Orhan!

Shiling Ding
Shiling Ding Sentinel Technologies – CCDE #2019::12

Just passed the CCDE Practical exam! I attended Orhan Ergun’s CCDE training program , used Orhan’s Instructor Led and Self-Paced CCDE training and Online CCDE Practical Scenarios during my CCDE journey. Orhan’s CCDE In Depth book is an excellent summary book about almost all topics related to CCDE. Orhan’s practical scenarios are well organized and discussions in his webex are very valuable. Orhan’s also from time to time host webex lectures on different technology topics, I find it’s another revenue to refresh and strength my understanding of different topics. Orhan’s study group is very active, different peers share their experience, discussion and insight on not only the CCDE but also different technologies.

I surely appreciate Orhan’s excellent training materials, constant guidance and demonstrated dedication to help me get CCDE. As always, life is a constant learning experience, CCDE is only one of small steps!

Abelardo Basurto
Abelardo Basurto Solutions Architect at Cisco Systems – CCDE 2018::6

Hi everyone, I’ve just passed the CCDE Exam. My Number is CCDE 2018::6 I attended to Online CCDE Bootcamp of Orhan. I want to thank Orhan not only for the great book and bootcamp, but also for his commitment, availability and willingness to assist the CCDE community on our journey -at any time. The Online Bootcamp of Orhan was the cherry on the cake after finishing the book. For any one working on the CCDE, I highly encourage you to use his book and bootcamp

Hady Mohamed Abdellah
Hady Mohamed Abdellah Network Architect Hamad International Airport Qatar – CCDE 2018::1

Hi guys, I’m so happy that I passed the exam. I’ve already got my number CCDE 2018::1. Thanks to Orhan for being the best CCDE instructor in the world. I highly recomend Orhan’s CCDE Training and In-Depth-CCDE book. Anyone who would like to learn network design or have the CCDE certificate should join his training. He is really great mashallah, he’s done many things for me. Thanks Orhan!

Bryan Bartik
Bryan Bartik Sr. Systems Engineer at CompuNet – CCDE 20170059

Hi Orhan I passed CCDE Practical exam on November 2017 ! I really enjoyed your materials and quizzes and use cases. They were definitely helpful in my preparation. Thanks a lot !

Giedrius Trapkauskas
Giedrius Trapkauskas Network Solutions Architect at Liberty Global – CCDE 20180004

I attended Orhan’s CCDE Training in Istanbul and it was very helpful in my preparation. I passed the exam recently and I want to say Thank you Orhan! For those who want to pass the CCDE exam, definitely start with Orhan!

Alaa Issa
Alaa Issa Sr.Solutions Architect – CCDE#20180033 3xCCIE ( Collab|DC|Security )#27146

I registered to Orhan’s training in Feb 2017. From that time, I attended Orhan’s training several times. The depth of knowledge which Orhan has is amazing, and how to present such consistent knowledge to the trainees was indeed appealing.

Furthermore, Orhan is not only trainer, he was real mentor to me, He showed me the concept that “Where I’m now, and where I should go”, this is indeed the true leadership !

Mazin Ahsan Design Lead Engineer | Solutions Engineer | CCDE License # 20160030 | CCIE Licence # 23892

I passed the CCDE Practical Lab exam on November 17,2016 from supplications of elders and dedication from my Sensei Mr. Orhan Ergun I took different CCDE bootcamps in the past. Orhan has the most depth and expertise. You can discuss with him at an expert level on different technologies and he is focused. Both the bootcamp and his book helped me a lot in achieving the design skills to nail this beast. I would recommend taking his CCDE training to pass CCDE exam and learn the network design

Jeff Patterson CCDE# 2018::11

Hi Orhan I wanted to pass along my appreciation for the outstanding training material. I used the online CCDE training provided by Orhan as well as the In-Depth-CCDE book and passed the exam in February 2018. Thank you Orhan!

Mehdi Sfar
Mehdi Sfar Network and Security Architect / CCDE #20210003 | CCIE R&S; #51583

I signed up for Orhan’s CCDE Self paced Course. This course, along with the CCDE In Depth book, helped me for my CCDE Practical as well as Written exams. It pushed me to ask the "WHY" questions and allowed me to grow as a network architect. The use cases, quizz, and compare charts are all great.

Other related courses

Cisco CCNP,CCIE Security SCOR (350-701) Course

53:59:55 Hours
187 Lectures

Ahmad  Ali


Cisco CCNP Security - SCOR and FTD Bundle Course

85:09:03 Hours
284 Lectures

Ahmad  Ali


About instructor

Ahmad Ali

Cyber Security Consultant & Certified Trainer

10 Courses
Cyber Security Network Security Firewalls Cisco Firepower Cisco ASA Checkpoint Fortinet Firewalls Palo Alto Firewall CCNP Security CCNP Enterprise VPN CEH F5
I am Cyber Security Consultant and Cisco Certified Trainer with several years of experience. Teaching part time for more than 10 years’ providing classroom, on-site and online trai...
Preview this Course

  • 31:10:04 Hours On demand videos
  • 98 Lessons
  • Study Group Participation
  • Acces the Content Anywhere, Anytime
  • Certificate of Completion - Signed by Orhan Ergun
  • Compare this course with other