0 Íconos | 0,00
Go

Global Knowledge | Cursos y Certificaciones


Implementing Cisco NAC Appliance

Código del curso: CANAC
Duración: 3
Precio: €1.680,00 (sin IVA)

Añadir a favoritos | Imprimir
Temario 

In this course, you'll learn how to design & implement a Cisco NAC Appliance solution to suit your network. You will learn basic configuration tasks such as NAM and NAS deployment modes, authentication (including Windows SSO), role-based access control, posture assessment, and remediation.


Pre-requisitos
  • Fundamental knowledge of implementing network security or CCSP or Cisco Security Qualified Specialist Certification
  • SNRS or working knowledge of digital certificates
  • BSCI or working knowledge of HSRP


Próximas fechas del curso

Solicita fechas disponibles. Por favor contáctanos






    Más información

    Anyone responsible for the design, implementation, or support of a Cisco NAC Appliance installation and Cisco Channel Partners preparing for CCSP and NAC Specialist certification.

    • Given client network security requirements, explain how a NAC Appliance deployment scenario will meet or exceed those expectations
    • Configure the common elements of a NAC Appliance solution
    • Configure Active Directory Single Sign-On (AD SSO)
    • Configure VPN Single Sign-On using an ASA/PIX
    • Configure the NAC Appliance in-band and out-of-band implementation options
    • Implement the NAM and NAS High Availability to protect against downtime
    • Configure Network Scanning to audit clients and clientless hosts
    • Learn to monitor, maintain, and troubleshoot a NAC solution

    The Cisco NAC Appliance Solution

    Cisco Self-Defending Networks

  • The Changing Landscape of Security
  • The Cisco Host-Protection Strategy
  • The Cisco SDN Initiative
  • Trust & Identity
  • Cisco NAC Products

      Cisco NAC Appliance

      • Cisco NAC Appliance Solution
      • Cisco NAC Appliance Features
      • Cisco NAC Appliance Components
      • Compliance Scenarios
      • Deployment Options
      • Configuration Overview
      • User Interface

      Cisco NAC Appliance Deployment Options

      • Cisco NAC Appliance Out-of-Band (OOB) Deployment
      • Cisco NAC Appliance In-Band Deployment
      • Compare Cisco NAC Appliance Deployment Options
      • Cisco NAS Operating Modes
      • Virtual Gateway vs. Real-IP Gateway
      • Layer 2 vs. Layer 3

      Configure User Roles

      • What is a User Role?
      • Create User Roles
      • Define Traffic Policies for User Roles
      • Configure Traffic Policies for User Roles
      • Create Local User Accounts

      Configure External Authentication

      • Configure External Authentication Providers
      • Authenticate Cisco NAC Appliance Users with Kerberos
      • Authenticate Cisco NAC Appliance Users with RADIUS
      • Authenticate Cisco NAC Appliance Users with LDAP
      • Authenticate Cisco NAC Appliance Users with NT Domain
      • Map Users to User Roles
      • Test User Authentication
      • Configure RADIUS Accounting for Users
      • Adding Custom RADIUS Attributes

      Configure DHCP

      • Cisco NAS DHCP Modes
      • Enable the DHCP Module
      • Configure IP Ranges (IP Address Pools)
      • Work with Subnets
      • Reserve IP Addresses
      • Configure User-Specified DHCP Options
      • NAC Appliance Implementation

      Implement Cisco NAC Appliance

      • In-Band Deployment
      • In-Band Process Flow
      • In-Band Deployment Configurations
      • Configure the Cisco NAS for In-Band Deployment
      • Add the Cisco NAS to the Managed Domain
      • Configure the Cisco NAS Interfaces
      • Add Managed Subnets
      • Configure Cisco NAS VLAN Settings

      Implement Windows Active Directory Single Sign-On (AD SSO)

      • Kerberos Ticket Exchange
      • Confirming a NAS Ticket
      • Communications between the NAS and Active Directory
      • AD SSO Configuration Checklist
      • TCP & UPD Ports Required for AD SSO
      • Configure the NAS for AD SSO
      • Install Support Tools for Windows 2000 or 2003 Server
      • Configure the Domain Controller with ktpass.exe

      Implement Virtual Private Network Single Sign-On (VPN SSO)

      • Configuration Checklist
      • Configure a Traffic Filter
      • Add VPN Authentication Server to NAM
      • Map VPN Users to Roles on NAM
      • Enable VPN SSO on the NAS
      • Adding a VPN Device to the NAS
      • Configure RADIUS Accounting
      • Configure the VPN Gateway as a Floating Device
      • Test VPN SSO

      Implement Cisco NAC Appliance Out-of-Band Deployment

      • OOB Process Flow
      • OOB Deployment Considerations
      • Layer 2 Central & Edge Deployment
      • Layer 3 Virtual Gateway & Real-IP Gateway
      • Layer 2 & 3 Clientless Host Options
      • Differences between Cisco NAC Appliance OOB Setup and In-Band Setup
      • Implement Cisco NAS OOB Operating Modes

      Manage Switches

      • Implement Switch Management
      • Configure the Network for OOB Deployment
      • Configure Group, Switch, and Port Profiles
      • Configure Port Profiles
      • Adding Switches to the Managed Domain
      • Configuring SNMP
      • Advanced Settings
      • Configure Switch Ports to Use Port Profiles
      • Manage Switch Configuration Settings

      NAC Appliance Implementation Options

      Implement Cisco NAC Appliance on a Network

      • Implement Cisco NAC Appliance
      • General Setup Tab
      • User Pages
      • Configure Cisco NAA Support
      • Manage Certified Devices
      • Device Exemption
      • Viewing User Reports

      Implement Network Scanning

      • Configure the Quarantine Role
      • Implement Nessus Plug-Ins
      • Test a Scanning Configuration
      • Customize the User Agreement Page
      • View Scan Reports

      Configure the NAM to Implement Cisco NAC Appliance Agent on User Devices

      • Configure the Cisco NAM to Implement the Cisco NAC Appliance Agent (NAA)
      • Retrieve Updates
      • Require the Use of the Cisco NAA
      • Configure the Cisco NAA Temporary Role
      • Introduce Checks, Rules, and Requirements
      • Create a Check, Rules, and Requirements
      • Map Requirements to Rules and Roles

      Configure NAM High Availability (HA)

      • Introduce HA for Cisco NAMs
      • Establish a Serial Connection Between Managers
      • Digital Certificate Requirements
      • Configure the Primary Cisco NAM
      • Configure the Standby Cisco NAM

      Configure Cisco NAC Appliance Server (NAS) HA

      • Introduce HA for NASs
      • Implementation Considerations
      • Digital Certificate Requirements
      • Configure the Primary and Standby NAS
      • Complete the Standby NAS HA Configuration
      • Test the NAS HA Configuration
      • Configure DHCP Failover
      • NAC Appliance Monitoring and Administration

      Monitor a Cisco NAC Appliance Deployment

      • Cisco NAC Appliance Monitoring
      • Monitor Online Users
      • Monitor NAS Health Event Logs
      • Configure Basic SNMP Support
      • Configure Syslog Support

      Administer Cisco NAM

      • Define the Cisco NAM
      • Administration Module
      • Set Network and Failover Parameters
      • Manage Administration Groups
      • Manage Administration Users
      • Manage User Passwords
      • Administer the System Time
      • Manage SSL Certificates
      • Manage the Cisco NAC Appliance Software
      • Protect Your NAM Configuration

      If the NAC solution you are planning includes the following elements, then the NAC Framework course, NAC - Implementing Cisco Network Admission Control v3.0, is the better choice.

      • Exam 642-591

        This course is part of the following programs or tracks:

        • CCSP - Cisco Certified Security Professional



      © 2012 Global Knowledge Network Spain SLU. Inscrita en el Registro Mercantil de Madrid, Tomo: 10.520, Folio:1, Sección: 8, Hoja: M-166696, Inscripción: 1ª CIF: B81366668.
      Mapa del Sitio, Accessibility Policy, Política de Privacidad, Términos y Condiciones, Legal Information.
      RSS. (Srv: 222)