Overview This course teaches you how to provide secure access to your network using the Cisco® Secure Access Control Server (ACS) and to monitor and generate reports with ACS View. You will gain a thorough understanding of the operation of the Cisco Secure ACS to control access to network services and devices. Course subjects include the principles of authentication, to restrict user access to networks, services, and devices; authorization, to restrict the functions users can perform on services and devices; and accounting, to track the activities of users. The RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols are discussed in theory and practice as the basis of network security. Specific methods and configurations are shown that can be used in your production networks to achieve targeted and detailed restrictions. The course includes hands-on labs to provide personal experience in configuring the Cisco ACS and ACS View and Cisco network devices.
Pre-Requisites
Following are the prerequisites for this course:
- Understanding of TCP/IP networking
- AAA security concepts and terminology
- Basic understanding of security challenges facing networks
- Basic Microsoft Windows system administration
- Basic Cisco IOS Software router and switch configuration (CCNA® certifications equivalent)
- Basic Cisco ASA (Adaptive Security Appliance 5500) or VPN concentrator configuration
- Internet Web browser use
Next Course Dates
Dates available on request. Please contact us
More Information
This course is for network administrators, network operators, and system administrators responsible for securing their networks to assure authorized access only by authenticated users, with accounting of their activities.
Upon completion of this course, you should be able to:
- Describe the importance of network access security needs and challenges associated with a network
- Understand the features, functions, and benefits of the Cisco Secure ACS and ACS View
- Integrate Cisco Secure ACS with external user databases, such as Windows Active Directory
- Configure Cisco Secure ACS and Cisco IOS® Software to implement AAA features for Education Data Sheet
- Effectively use Cisco Secure ACS to:
Control access to the network and to network services by remote VPN, wireless, or wired users
Control the authority to perform specific functions
Record and audit the activity of users on the network and on services
- Effectively use Cisco Secure ACS View to:
Collect and consolidate ACS server logs and configuration data
Generate access, system, and entitlement reports as well as custom and favorite reports
Schedule (dialy/weekly/monthly) reports in HTML, PDF, and CSV formats
Monitor ACS system health
Create real-time thresholds on specified conditions and monitor/forward alerts
The course outline is as follows:
Module 1: Introduction
- Access Control in the Network
- AAA Concepts/Technology
- Cisco Secure ACS/ACS View Product Overviews
Module 2: Getting Started
- ACS Server Installation and Initial Configuration
- ACS View Installation and Initial Configuration
Module 3: Network Access Scenarios
- Remote VPN Access Scenarios
- Wired/Wireless 802.1x Scenario
Module 4: Device Administration Scenarios
- Securing Device Administration using Network Access Restrictions (NAR) Education Data Sheet
- Securing Device Administration Using Privilege Levels and CLI View
- Securing Device Administration Using Command Authorization Sets
Module 5: Other Deployment Topics
- Scalability and Performance
- Database Replication
Lab Outline
- The lab outline is as follows:
Module 2: Getting Started
- Lab 2-1: ACS Windows Installation and ACS View Appliance Setup
- Lab 2-2: Administering the ACS Windows Server
- Lab 2-3: Administering the ACS View Server
Module 3: Network Access Scenarios
- Lab 3-1: Network Conguration (RADIUS)
- Lab 3-2: Remote Access (VPN) Profile
- Lab 3-3: Network Configuration (802.1x)
- Lab 3-4’ Wired/Wireless 802.1x Profile
Module 4: Device Administration Scenarios
- Lab 4-1: Network Conguration (TACACS+)
- Lab 4-2: Network Access Restrictions
- Lab 4-3: Command Authorization Sets