Cisco ACS Training | Implementing Cisco Secure Access Control System Training v5.6

Introduction:

Cisco ACS Training | Implementing Cisco Secure Access Control System Training v5.6 Course Description

Eno’s Cisco ACS Training | Implementing Cisco Secure Access Control System Training v5.6 course is a 3-day immersion into designing, implementing and troubleshooting Cisco’s Secure ACS Solution.

This Cisco ACS Training | Implementing Cisco Secure Access Control System Training course teaches you how to provide secure access to network resources using the Cisco® Secure Access Control System (ACS) 5.6, interoperating with security features in Cisco’s IOS® Software. You will gain a thorough understanding of the operation of the Cisco Secure ACS to control access to network services and devices.

Cisco ACS Training | Implementing Cisco Secure Access Control System Training Course subjects include the principles of authentication, to restrict user access to networks, services, and devices; authorization, to restrict the functions users can perform on services and devices; and accounting, to track the activities of users. The RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols are discussed in theory and practice as the basis of network security.

Specific methods and configurations are shown that can be used in your production networks to achieve targeted and detailed restrictions. The Cisco ACS Training | Implementing Cisco Secure Access Control System Training course includes hands-on labs to provide personal experience in configuring Cisco ACS and Cisco network devices.

This Cisco ACS Training | Implementing Cisco Secure Access Control System Training course will expose you to the tasks of designing, implementing and troubleshooting “Triple A” services (authentication, authorization, and accounting services) using Cisco’s ACS and IOS technology. The benefits of this course are to be found in its real-world approach, putting you in the shoes of the consultant implementing these services.

By the end of the Cisco ACS Training | Implementing Cisco Secure Access Control System Training course, you will feel like you didn’t just take a class, but participated in the design, deployment, and management of an ACS 5.6 solution. Many engineers will benefit from this course when they use the implementation plan and checklists included in this course during their own projects.

Duration: 3 days

Customize It:

• If you are familiar with some aspects of this Cisco ACS Training | Implementing Cisco Secure Access Control System Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Cisco ACS Training | Implementing Cisco Secure Access Control System Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Cisco ACS Training | Implementing Cisco Secure Access Control System Training course in a manner understandable to lay audiences.

Objectives:

After completing this Cisco ACS Training | Implementing Cisco Secure Access Control System Training course, attendees will be able to:

• Understand how the RADIUS and TACACS+ protocols operate and what purpose they serve
• Be familiar with all present ACS Solutions, including ACS Express, ACS Enterprise, ACS on VMware and Appliances like the CSACS-1120 Series and CSACS-1121 Series Appliances
• Main Components of ACS
• How to install ACS
• How to use a Setup Script
• How Licensing works with the ACS
• Understand how Attributes, Value Types and Predefined Values are used
• The different types of AAA Clients and how they access Network Resources and AAA Clients
• How to work with a Local Identity Store & Identity Store Sequence
• Understand Users and Identity Stores
• Configure an External Identity Store with LDAP
• The fundamentals of LDAP
• How to set up LDAP SSL
• How to set up an External Identity Store with Active Directory
• How to perform Authentication – Command Authorization – Accounting with TACACS
• How to monitor and Troubleshoot ACS (AAA with TACACS+)
• Replacing digital certificates self-signed by ACS using a local Certificate Authority
• Introduction to IEEE 802.1x and EAP – Extensible Authentication Protocol
• 802.1x and Windows XP
• Single Host Authentication
• 802.1x – Single Host Authentication
• 802.1x Troubleshooting

Cisco ACS Training | Implementing Cisco Secure Access Control System Training Course Outline:

0. Course Introduction

0.1. Overview
0.1.1. Learner Skills and Knowledge
0.1.2. Course Goal and Objectives
0.1.3. Course Flow
0.2. Additional References

1. Module 1 – Identity Management Solution Overview

1.1.2. Identity Management Models
1.2. Lesson – Secure Borderless Network Architecture
1.2.2. References
1.3. Lesson – The Identity Enabled Network Use Case Summary
1.3.1. Summary

2. Module 2 – Product Overview and Initial Configuration

2.1. Module Overview
2.2. Lesson – Overview RADIUS and TACACS+
2.2.1. Overview
2.2.2. Introduction to RADIUS
2.2.3. Introduction to TACACS+
2.2.4. Comparing RADIUS and TACACS+
2.3. Lesson – Overview ACS
2.3.2. ACS Hardware platform solutions
2.3.3. ACS Software platform solutions
2.3.4. Features New, Changed, and Supported with ACS 5.6
2.4. Lesson – Installation ACS
2.4.2. Installation on the CSACS Series Appliance
2.4.3. Installation with VMware ESX Server
2.4.4. Using Setup Scripts
2.4.5. Licensing
2.5. Lab 2-1 – Verify the ACS installation
2.6. Lesson – ACS Attribute Types
2.6.2. Attribute Definitions
2.6.3. Attribute Value Types
2.6.4. Predefined Values
2.6.5. Attribute Dictionaries
2.6.6. Attribute Aliases
2.6.7. Availability of Attributes based on Policy
2.7. Lesson – Adding Network Devices to ACS
2.7.2. Network Resources
2.7.3. Types of AAA Clients
2.7.4. Network Device Groups – Location
2.7.5. Network Device Groups – Device Type
2.7.6. Network Devices and AAA Clients
2.7.9. Lab 2-2 – Add Network Devices to ACS
2.8. Lesson – Local Identity Store & Identity Store Sequence
2.8.2. Users and Identity Stores Overview
2.8.3. Internal Identity Store
2.8.4. External Identity Store
2.8.5. Certificate Profile
2.8.6. Internal Identity Stores – Users
2.8.7. Internal Identity Stores – Groups
2.8.8. Internal Identity Stores – Hosts
2.8.11. Lab 2-3 – Configuring ACS User and Identity Stores
2.9. Module Summary

3. Module 3 – Advanced ACS Configuration and Device Management

3.2. Lesson – External Identity Store with LDAP
3.2.2. LDAP Overview
3.2.3. External Identity Stores – OpenLDAP
3.2.4. Enable LDAP Diagnostics Log
3.3. Lesson – External Identity Store with Active Directory
3.3.2. Interface with Active Directory
3.3.3. DNS considerations
3.3.4. NTP Server considerations
3.3.5. Considerations of Authenticating Usernames with domains
3.3.6. MAR: Machine Access Restrictions
3.3.7. Windows 2008 Compatibility and feature support
3.3.8. Testing connectivity between ACS and AD
3.3.9. Group Names – Differences between ACS 4.x and 5.x
3.3.10. Identity Store Sequences
3.3.11. PAP Authentication via Kerberos
3.3.14. Lab 3.1 – Configuring ACS External Identity Stores (Active Directory)
3.4. Lesson – Authentication, Authorization and Accounting with TACACS+
3.4.2. Shell Profile
3.4.3. Command Sets
3.4.4. Access Services
3.4.5. Service Selection Rules
3.4.6. Default Device Admin – Authorization and Identity
3.4.9. Lab 3-2 – Configuring Command Authorization with ACS
3.5. Lesson – Monitoring and Troubleshooting ACS
3.5.1. Overview
3.5.2. Cisco Secure ACS View
3.5.3. Monitoring RADIUS Authentication
3.5.4. Debugging RADIUS Authentication
3.5.5. Monitoring RADIUS Authorization
3.5.6. Debugging RADIUS Authorization
3.5.7. Monitoring TACACS+ Authentication
3.5.8. Debugging TACACS+ Authentication
3.5.9. Monitoring TACACS+ Authorization
3.5.10. Debug TACACS+ Authorization
3.5.11. Debug TACACS+ Packets
3.5.12. Debug TACACS+ Accounting
3.5.15. Lab 3-3 – Monitor and Troubleshoot ACS
3.6. Lesson – ACS and Certificate Authority
3.6.2. Overview Certificate-Based Authentication
3.6.3. Self-signed Certificates
3.6.4. Third-party Digital Certificates
3.6.7. Lab 3-4 – Install a Third-Party Digital Certificate in ACS

4. Module 4 – IEEE 802.1x with ACS 5.6

4.2. Lesson – IEEE Overview
4.2.1. IEEE 802.1x History
4.2.2. IEEE 802.1x Introduction
4.2.3. IEEE 802.1x – The Port
4.2.4. EAP
4.2.5. EAP-TLS
4.2.6. PEAP
4.3. Lesson – 802.1x Policy Elements (RADIUS)
4.3.2. Policy Elements – Overview
4.3.3. Policy Elements – Date and Time
4.3.4. Policy Elements – Custom
4.3.5. Policy Elements – Authorization Profiles
4.3.6. Authorization – Downloadable ACL
4.3.7. Access Policies – Service Selection Rules
4.3.8. Access Policies – Access Services
4.3.9. Access Policies – Identity
4.4. Lesson – 802.1x and Windows XP
4.4.2. Overview 802.1x and Windows XP
4.4.3. Configure 802.1x
4.5. Lesson – 802.1x and the Cisco Secure Services Client (SSC)
4.5.1. Overview
4.5.2. Overview 802.1x and SSC
4.5.3. Configure 802.1x on the SSC
4.6. Lesson – Configure 802.1x Single Host Authentication on a Cisco Switch
4.6.2. Overview – Single Host Authentication
4.6.3. Commands – Single Host Authentication
4.6.4. Review Cisco Switch 802.1x configuration
4.6.6. Lab 4-1 – Configure Cisco Switch, ACS, and Windows XP for Basic 802.1x Authentication
4.6.7. Lab 4-2 – Configure Cisco Switch, ACS, and Windows XP for Advanced 802.1x Authentication and Authorization
4.6.8. Lab 4-3 – Configure Cisco Switch and ACS for 802.1x Flexible Authentication
4.7. 802.1x – Troubleshooting
4.7.2. ACS, Switch & Windows Troubleshooting
4.7.3. Windows XP and Switch Debug Output
4.7.4. ACS Monitoring and Reports
4.7.6. Lab 4-4 – Monitor and Troubleshoot ACS (AAA with RADIUS)

5. Module 5 – System Operations

5.2. Lesson – Distributed Deployment
5.2.1.1. Objectives
5.2.2. Distributed Deployment Overview
5.2.3. ACS Operation Management
5.2.4. ACS Deployment Structure
5.2.5. Local Operations
5.2.6. Distributed System Management
5.2.7. Distributed Management Operations
5.2.8. Replication Overview
5.2.9. Distributed Management Operations
5.2.10. Local Operations
5.2.11. Log Collector
5.2.12. Change Password Flow
5.2.14. Lab 5-1 – Configuring ACS Distributed Deployment
5.3. Lesson – System Administration
5.3.2. Overview – System Administration
5.3.3. Administrators
5.3.4. Users
5.3.5. Operations
5.3.6. Configuration
5.3.7. Downloads
5.3.9. Lab 5-2 – Maintain ACS

Labs
