Implementing Advanced Cisco Unified Wireless Security

IAUWS - Implementing Advanced Cisco Unified Wireless Security

Course Certifications

This course is part of the following Certifications:

• Cisco Certified Network Professional Wireless (CCNP Wireless).

Course Content

Organizational and Regulatory Security Policies:

• Regulatory Compliance
• Segmenting Traffic
• Configuring Administrative Security
• Managing WLAN Controller and Cisco WCS Alarms
• Security Audit Tools.

Secure Client Devices:

• Configuring EAP Authentication
• Impact of Security on Application and Roaming
• Configuring Cisco Secure Services Client
• Troubleshooting Wireless Connectivity.

Design and Implement Guest Access Services:

• Guest Access Architecture
• Configuring the WLAN to Support Guest Access
• Configuring Guest Access Accounts
• Troubleshooting Guest Access.

Design and Integrate Wireless Network with NAC:

• Cisco NAC Appliance Solution
• Configuring the Controller for Cisco NAC Out-of-Band Operations.

Implement Secure Wireless Connectivity Services:

• Configuring Authentication for the WLAN Infrastructure
• Configuring Management Frame Protection
• Configuring Certificate Services
• Implementing Access Control Lists
• Configuring Identity Based Networking on the Controller Issues
• Troubleshooting Secure Wireless Connectivity.

Internal and Integrated External Security Mitigations:

• Mitigating Wireless Vulnerabilities
• Using Controller-Based IDS
• Cisco's End-to-End Security Solutions
• Integrating Cisco WCS with Wireless IPS.

Labs:

• Lab 1-1: Segmenting Traffic Identifying.
• Lab 1-2: Configuring Administrative Security.
• Lab 2-1: Configuring EAP Authentication on the Clients.
• Lab 2-2: Configuring Cisco Secure Services Client.
• Lab 2-3: Troubleshooting Wireless Connectivity.
• Lab 3-1: Configure the WLAN to Support Guest Access.
• Lab 3-2: Configure a Controller to use the NAC Guest Server for Authentication.
• Lab 3-3: Troubleshooting Guest Access Issues.
• Lab 4-1: Configuring the Controller for Cisco NAC.
• Lab 5-1: Configuring Local Authentication on the WLAN Controller.
• Lab 5-2: Configuring H-REAP for WAN Failure.
• Lab 5-3: Configuring Management Frame Protection.
• Lab 5-4: Configuring Certificate Services.
• Lab 5-6: Implementing IBN.
• Lab 5-5: Implementing Access Control Lists.
• Lab 5-7: Troubleshooting H-REAP Security.
• Lab 5-8: Troubleshooting Secure Wireless Connectivity.
• Lab 6-1: Using Controller-Based IDS.

Course Objectives

After completing this training course the student will understand:

• Organizational and regulatory Security Policies.
• How to segment enterprise and quest WLAN traffic.
• Configure administration and security on a WLAN controller.
• Configure administration and security on a WLAN controller using TACACS+.
• Secure client devices using EAP authentication.
• Configure Cisco Secure Services Client.
• Design and implement guest services on a WLAN controller.
• Configure the WLAN controller for Cisco NAC.
• Configure Local authentication on the WLAN controller.
• Configure Management Frame Protection (MFP) on the WLAN controller.
• Implement Access Control Lists (ACL) on a WLAN controller.
• WLAN controller-based Intrusion Detection Signatures (IDS).
• Configure the WLAN controller to integrate with IPS and IDS appliances.