0 Produkter | 0,00
Go

Global Knowledge | Kursus & Certificeringer


Implementing NAC Appliance (Cisco Clean Access)

Kursuskode: CANAC
Varighed: 3
Pris: DKR23.450,00 Exc Vat

Tilføj til Favoritter | Udskriv
Beskrivelse 

This course is designed to teach delegates how to design & implement a Cisco NAC Appliance solution to suit your network. You will learn basic configuration tasks such as NAM and NAS deployment modes, authentication (including Windows SSO), role-based access control, posture assessment, and remediation.


Forudsætninger

The knowledge and skills that a learner must have before attending this course are as follows:

  • Fundamental knowledge of implementing network security or CCSP or Cisco Security CSQ
  • SNRS or working knowledge of digital certificates
  • BCSI or working knowledge of HSRP.


Næste kursusdatoer

Spørg for datoer






    Flere informationer

    This course will be of interest for anyone responsible for the design, implementation, or support of a Cisco NAC Appliance installation and Cisco Channel Partners preparing for CCSP and NAC Specialist certification.

    At the end of the course delegates will be able to;-

    • Given client network security requirements, explain how a NAC Appliance (Cisco Clean Access) deployment scenario will meet or exceed network security requirements
    • Configure the common elements of a NAC Appliance (Cisco Clean Access) solution
    • Configure the NAC Appliance (Cisco Clean Access) in-band and out-of-band implementation options
    • Implement a highly available NAC Appliance (Cisco Clean Access) solution to mitigate network threats and facilitate network access for those users that meet corporate security requirements
    • Maintain a highly available NAC Appliance (Cisco Clean Access) deployment in medium and enterprise network environments

    Cisco Self-Defending Networks

    • The Changing Landscape of Security
    • The Cisco Host-Protection Strategy
    • The Cisco SDN Initiative
    • Trust & Identity
    • Cisco NAC Products

    Cisco NAC Appliance

    • Cisco NAC Appliance Solution
    • Cisco NAC Appliance Features
    • Cisco NAC Appliance Components
    • Compliance Scenarios
    • Deployment Options
    • Configuration Overview
    • User Interface


    Cisco NAC Appliance Deployment Options

    • Cisco NAC Appliance Out-of-Band (OOB) Deployment
    • Cisco NAC Appliance In-Band Deployment
    • Compare Cisco NAC Appliance Deployment Options
    • Cisco NAS Operating Modes
    • Virtual Gateway vs. Real-IP Gateway
    • Layer 2 vs. Layer 3

    Configure User Roles

    • What is a User Role?
    • Create User Roles
    • Define Traffic Policies for User Roles
    • Configure Traffic Policies for User Roles
    • Create Local User Accounts

    Configure External Authentication

    • Configure External Authentication Providers
    • Authenticate Cisco NAC Appliance Users with Kerberos
    • Authenticate Cisco NAC Appliance Users with RADIUS
    • Authenticate Cisco NAC Appliance Users with LDAP
    • Authenticate Cisco NAC Appliance Users with NT Domain
    • Map Users to User Roles
    • Test User Authentication
    • Configure RADIUS Accounting for Users
    • Adding Custom RADIUS Attributes

    Configure DHCP

    • Cisco NAS DHCP Modes
    • Enable the DHCP Module
    • Configure IP Ranges (IP Address Pools)
    • Work with Subnets
    • Reserve IP Addresses
    • Configure User-Specified DHCP Options

    NAC Appliance Implementation;Implement Cisco NAC Appliance In-Band Deployment

    • In-Band Process Flow
    • In-Band Deployment Configurations
    • Configure the Cisco NAS for In-Band Deployment
    • Add the Cisco NAS to the Managed Domain
    • Configure the Cisco NAS Interfaces
    • Add Managed Subnets andConfigure Cisco NAS VLAN Settings

    Implement Windows Active Directory Single Sign-On (AD SSO)

    • Kerberos Ticket Exchange
    • Confirming a NAS Ticket
    • Communications between the NAS and Active Directory
    • AD SSO Configuration Checklist
    • TCP & UPD Ports Required for AD SSO
    • Configure the NAS for AD SSO
    • Install Support Tools for Windows 2000 or 2003 Server
    • Configure the Domain Controller with ktpass.exe

    Implement Virtual Private Network Single Sign-On (VPN SSO)

    • Configuration Checklist
    • Configure a Traffic Filter
    • Add VPN Authentication Server to NAM
    • Map VPN Users to Roles on NAM
    • Enable VPN SSO on the NAS
    • Adding a VPN Device to the NAS
    • Configure RADIUS Accounting
    • Configure the VPN Gateway as a Floating Device
    • Test VPN SSO

    Implement Cisco NAC Appliance Out-of-Band Deployment

    • OOB Process Flow
    • OOB Deployment Considerations
    • Layer 2 Central & Edge Deployment
    • Layer 3 Virtual Gateway & Real-IP Gateway
    • Layer 2 & 3 Clientless Host Options
    • Differences between Cisco NAC Appliance OOB Setup and In-Band Setup
    • Implement Cisco NAS OOB Operating Modes

    Manage Switches

    • Implement Switch Management
    • Configure the Network for OOB Deployment
    • Configure Group, Switch, and Port Profiles
    • Configure Port Profiles Adding Switches to the Managed Domain
    • Configuring SNMP Advanced Settings
    • Configure Switch Ports to Use Port Profiles
    • Manage Switch Configuration Settings


    NAC Appliance Implementation Options Implement Cisco NAC Appliance on a Network

    • Implement Cisco NAC Appliance
    • General Setup Tab
    • User Pages
    • Configure Cisco NAA Support
    • Manage Certified Devices
    • Device Exemption
    • Viewing User Reports

    Implement Network Scanning

    • Configure the Quarantine Role
    • Implement Nessus Plug-Ins
    • Test a Scanning Configuration
    • Customize the User Agreement Page
    • View Scan Reports

    Configure the NAM to Implement Cisco NAC Appliance Agent on User Devices

    • Configure the Cisco NAM to Implement the Cisco NAC Appliance Agent (NAA)
    • Retrieve Updates
    • Require the Use of the Cisco NAA
    • Configure the Cisco NAA Temporary Role
    • Introduce Checks, Rules, and Requirements
    • Create a Check, Rules, and Requirements
    • Map Requirements to Rules and Roles

    Configure NAM High Availability (HA)

    • Introduce HA for Cisco NAMs
    • Establish a Serial Connection Between Managers
    • Digital Certificate Requirements
    • Configure the Primary Cisco NAM
    • Configure the Standby Cisco NAM

    Configure Cisco NAC Appliance Server (NAS) HA

    • Introduce HA for NASs
    • Implementation Considerations
    • Digital Certificate Requirements
    • Configure the Primary and Standby NAS
    • Complete the Standby NAS HA Configuration
    • Test the NAS HA Configuration
    • Configure DHCP Failover


    NAC Appliance Monitoring and Administration Monitor a Cisco NAC Appliance Deployment

    • Cisco NAC Appliance Monitoring
    • Monitor Online Users
    • Monitor NAS Health Event Logs
    • Configure Basic SNMP Support
    • Configure Syslog Support

    Administer Cisco NAM

    • Define the Cisco NAM Administration Module
    • Set Network and Failover Parameters
    • Manage Administration Groups
    • Manage Administration Users
    • Manage User Passwords
    • Administer the System Time
    • Manage SSL Certificates
    • Manage the Cisco NAC Appliance Software
    • Protect Your NAM Configuration

    This course will prepare delegates for the following exam;

    • 642-591 CANAC

    (Now part of the CCSP Certification and one of the three possible electives)


    I denne sektion

    Relaterede links

    Behov for hjælp?


    Copyright © 2012 Global Knowledge Danmark. Registreret i Danmark CVR nr. 29399700.
    Sitemap, Tilgængelighed, Privacy Policy, Salgsbetingelser, Legal Information.
    RSS. (Srv: 222)