Implementing the Cisco NAC Appliance

Firefly

Course

Inhouse

Price on request

The best Cisco courses

See all

See all

Description

  • Type

    Course

  • Methodology

    Inhouse

  • Duration

    4 Days

The NAC Appliance (Cisco Clean Access) is a "shrinkwrapped" network admission control solution that recognizes users, their devices and roles; evaluates the security posture of the endpoint and scans for vulnerabilities; and enforces policy in the network. In particular, prior to allowing users onto the network, the NAC Appliance solution allows administrators to authenticate, authorize. Suitable for: This course is designed for Cisco customers, channel partners, and employees who want to learn how to implement and manage the NAC applicance.

About this course

CCSP or equivalent knowledge
BCMSN or working knowledge of VLANs.
SNRS or working knowledge of digital certificates.
BCSI or working knowledge of HSRP
Basic knowledge of Microsoft Windows

Questions & Answers

Add your question

Our advisors and other users will be able to reply to you

Who would you like to address this question to?

Fill in your details to get a reply

We will only publish your name and question

Reviews

Course programme

Course description
The NAC Appliance (Cisco Clean Access) is a "shrink-wrapped" network admission control solution that recognizes users, their devices and roles; evaluates the security posture of the endpoint and scans for vulnerabilities; and enforces policy in the network. In particular, prior to allowing users onto the network, the NAC Appliance solution allows administrators to authenticate, authorize, interrogate and remediate users and their machines enforcing policy based access control on the network.

With the skills and knowledge learned in this course, the you will be able to configure a NAC Appliance to recognize users, their devices, and their roles in the network, and to evaluate and enforce machine security policy compliance.


Learning objectives
After you complete this course, you will be able to:
  • Explain how a NAC Appliance deployment scenario addresses network security requirements
  • Configure the common elements of a NAC Appliance solution
  • Configure the NAC Appliance in-band and out-of-band implementation options
  • Implement a highly available NAC Appliance solution to mitigate network threats and facilitate network access for those users that meet corporate security requirements
  • Maintain a highly available NAC Appliance deployment in medium and enterprise network environments

Who should attend
This course is designed for Cisco customers, channel partners, and employees who want to learn how to implement and manage the NAC applicance.


Recommended prerequisites
  • CCSP or equivalent knowledge
  • BCMSN or working knowledge of VLANs.
  • SNRS or working knowledge of digital certificates.
  • BCSI or working knowledge of HSRP
  • Basic knowledge of Microsoft Windows

boilerplate --> Course outline
Module 1: The NAC Appliance Solution
Lesson 1: Introducing Cisco Self-Defending Networks
  • The Changing Landscape of Security
  • The Cisco Host-Protection Strategy
  • The Cisco SDN Initiative
  • Cisco NAC Products
  • Summary
Lesson 2: Introducing NAC Appliance
  • NAC Appliance Solution
  • NAC Appliance Components
  • NAC Appliance Platforms
  • NAC Appliance Local and Remote Compliance Scenarios
  • NAC Appliance Configuration Overview
  • The NAC Appliance User Interface
Lesson 3: In-Band and Out-of-Band Deployment Options
  • Cisco NAS Deployment Options
  • In-Band and Out-of-Band Deployment Options
  • NAC Appliance OOB Deployment
  • NAC Appliance In-Band Deployment
  • Cisco NAS Operating Modes
Module 2: Configuring Common NAC Appliance Elements
Lesson 1: Configuring User Roles
  • What Is a User Role?
  • Managing User Roles
  • Defining Traffic Policies for User Roles
  • Configuring Traffic Policies for User Roles
  • Creating Local User Accounts
  • Configuring User Session Timeouts
  • Configuring Guest Access
Lesson 2: Configuring External Authentication
  • Configuring External Authentication Providers
  • Authenticating Users Against Active Directory
  • Mapping Users to User Roles
  • Testing User Authentication
  • Configuring RADIUS Accounting for Users
Lesson 3: Configuring DHCP on the Cisco NAS
  • Cisco NAS DHCP Modes
  • Enabling the DHCP Module
  • Configuring IP Ranges
  • Working with Subnets
  • Reserving IP Addresses
  • Configuring User-Specified DHCP Options
Module 3: Implementing NAC Appliance
Lesson 1: Implementing NAC Appliance In-Band Deployment
  • In-Band Process Flow
  • In-Band Deployment Configurations
  • Configuring the Cisco NAS for In-Band Deployment
  • Adding the Cisco NAS to the Managed Domain
  • Configuring the Cisco NAS Interfaces
  • Adding Managed Subnets
  • Configuring Cisco NAS VLAN Settings
Lesson 2: Implementing the Cisco VPN Single Sign-On Feature on the NAC Appliance
  • Introducing the NAC Appliance for Cisco VPN Concentrators
  • Introducing Single Sign-On Support
  • Configuring the NAC Appliance for VPN Concentrator Integration
Lesson 3: Implementing NAC Appliance Out-of-Band Deployment
  • OOB Process Flow
  • OOB Deployment Considerations
  • Adding an OOB Cisco NAS to the Cisco NAM
  • Implementing Cisco NAS OOB Operating Modes
Course labs
Prepare the Cisco NAM to Support Web-Based Administration Console Configuration
Configure User Roles
Adding an In-Band Virtual Gateway Cisco NAS to the Cisco NAM
Configure the Cisco VPN Single Sign-On Feature on the NAC Appliance
Configure Network Scanning
Configure Cisco NAA
Configure an HA In-Band VPN
Adding an OOB Virtual Gateway Cisco NAS to a HA NAC Appliance Deployment
Configure SNMP, Switch, and Port Profiles

See related categories

Implementing the Cisco NAC Appliance

Price on request

The best Cisco courses

See all

See all