# Security

BGP

​EBGP/IBGP

​IBGP issues

​BGP Attributes/Parameters

Distribute-list & Prefix-list

​BGP authentication

​Directly and Non-Directly connected neighbor

​BGP Peer-Group

​BGP Design

Time-based Acl

IPv6

-​IPv6 structure

-​Static/Dynamic routing

-​Access-list

-​Different ipv6 packet types

-​Eui-64

-​Global unique address

-​Local unique address

-​Multicast

-​Loopback

-​Link local

MPLS

-Vrf

-VPNv4

-MPLS foundation

Fhrp(Hsrp/Vrrp/Glbp)

Ios-Dhcp/Relay-Agent (Dora process)

Ntp

Basic Router & Switch security

Tftp-Server

Ip sla monitor

Dns

Switching

History of switching

​Vlan

​Access/trunk port

​Intervlan-routing

-Router with physical

-Router on stick model

-L3-switching

​Spanning-tree protocol

​Portfast

Uplinkfast

​Backbone

​Bpdu guard/filter

​Port-security

​Dot1x-authentication

​Dhcp-snooping & dai

​Etherchannel

​Span/Rspan

​Vlan Acls

​Private vlan

​Vtp

​Ethernet-frame

\[1] Cisco ASA

->Installation of ASA

->Interface Configuration

-> Traffic-Flow

Thru Firewall

To Firewall

->Static & Default Routes

->Dynamic Routing Protocols

RIP with Authentication & Redistribution

EIGRP with Authentication & Redistribution

OSPF with Authentication & Redistribution

BGP with Authentication & Redistribution

-> ASA as Dhcp / Relay-Agent

->NTP with Authentication

->Management Protocols

-> Redundant-interface

->Port-Channel

->Route Tracking Using Sla

->Backing up Files

->Translations

Dynamic NAT & Dynamic PAT\
Static NAT & Static PAT

Backup NAT with PAT\
Identity NAT

NAT-Exemption

Policy-NAT

->FHRP = HSRP / VRRP / GLBP\
->Failover / High-Availability

->Multi-Context / Security-Context

With Physical-interface , Sub-interface & Shared-interface

->Failover in Combination with Multi-Context

Active / Standby

Active / Active

->Zone-Based Firewall (ZBF)

\[2] Cisco FirePower Threat Detection (FTD)

->Installation of FTD / FMC

->Basic Initialization of FTD / FMC thru CLI / GUI

-> Onboarding / Registration of FTD on FMC\
->Interface Configuration

->Static & Dynamic Routing Protocols With Redistribution (Rip / Ospf / Bgp)

->Inter-Zone Communication

->Translations

Auto-NAT

Manual-NAT\
->High Availability

->Advanced ACP

->VPN

-> NextGen Firewall Features

Geo-Location Block

URL Filtering

Application Visibility Control (AVC)

IPS

\[3] PALO-ALTO Firewall

->Installation of Palo-Alto Firewall

-> Basic Initialization of Palo-Alto thru GUI

->Interface Configuration - IPv4/IPv6

-> Inter & Intra-Zone Communication

->Static & Dynamic Routing Protocols - IPv4/IPv6

RIP\
Configuration

Authentication

Redistribution

Injecting Default Route

OSPF\
Configuration

Authentication

Redistribution

Injecting Default Route

Multi-Area Communication

Area-Types

Virtual-Link

BGP

EBGP/IBGP\
Configuration

Authentication

Redistribution

Next-Hop-Self

Route-Reflector

Route-Summarization

Injecting Default Route

->Translation

DNAT / SNAT\
DPAT / SPAT\
U-Turn NAT

->High Availability

->VPN

IPv4 / IPv6

Site-To-Site VPN\
Multi-Vendor VPN

-> NextGen Firewall Features

APP-ID\
Url Filtering

Content-ID\
User-ID\
Wild-Fire

Decryption

\[4] VPN

->Point-To-Point GRE\
->MGRE - Manual

-> DMVPN

PHASE I / II / III

Single & Dual Hub

->IPSEC

Router To Router

Router To ASA / ASA To ASA

Router To Router Thru ASA

Lan To Lan with NAT-T

Lan To Lan without NAT-T

IPv4 / IPv6

IPv6 To IPv6 Over IPv4

IKEv1 / IKEv2

-> IPSec Over PTPGRE\
Tunnel Mode

Transport Mode

SVTI

-> IPSec Over DMVPN

Tunnel Mode

Transport Mode

->GET VPN

->RSA in Detail

->CA-Server in Detail

Operation

Root-CA / Intermediate-CA

Root Certificate / ID-Certificate

Certificate Chain

Records

HandShake Record

Change Cipher Spec Record

Alert Record

Application Data Record

-> SSL VPN

Remote-Access VPN\
AnyConnect VPN
