In this course, you will learn how to provide secure access to your network using the Cisco Secure Access Control Server (CS-ACS) and how to monitor and generate reports with ACS view. You will gain a thorough understanding of the operation of the CS-ACS to control access to network services and devices.
You will cover the principles of:
- Authentication - to restrict user access to networks, services, and devices
- Authorization - to restrict the functions users can perform on services and devices
- Accounting - to track the activities of users
You will examine the RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols in theory and practice as the basis of network security, and you will learn specific methods and configurations that can be used in your production networks to achieve targeted and detailed restrictions.
Prerequisites
- Understanding of TCP/IP networking
- Authentication, Authorization, and Accounting (AAA) security concepts and terminology
- Basic understanding of security challenges facing networks
- Basic Microsoft Windows system administration
- Basic Cisco IOS Software router and switch configuration (CCNA certifications equivalent)
- Basic Cisco ASA (Adaptive Security Appliance 5500) or VPN concentrator configuration
- Internet web browser use
What You'll Learn
- Importance of network access security and the security needs and challenges associated with a network
- Features, functions, and benefits of CS-ACS and ACS View
- Integrate Cisco Secure ACS with external user databases, such as Windows Active Directory
- Configure Cisco Secure ACS and Cisco IOS Software to implement AAA features for typical scenarios: VPN remote access, wired/wireless 802.1x network access, and device administration access
- Effectively use the Cisco Secure Access Control Server to:
- Control access to the network and network services by remote VPN, dial-in, wireless, or wired users
- Control the authority to perform specific functions
- Record and audit the activity of users on the network and on services
- Effectively use Cisco Secure ACS View to:
- Collect and consolidate ACS server logs and configuration data
- Generate access, system, and entitlement reports as well as custom and favorite reports
- Schedule (daily/weekly/monthly) reports in HTML, PDF, and CSV formats
- Monitor ACS system health
- Create real-time thresholds on specified conditions and monitor/forward alerts
Who Needs to Attend
- Network administrators, network operators, and system administrators responsible for securing their networks to assure authorized access only by authenticated users as well as accounting of the users' activities.
Course Outline
1. Introduction
- Access Control in the Network
- AAA Concepts and Technology
- Cisco Secure ACS/ACS View Product Overview
2. Getting Started
- ACS Server Installation and Initial Configuration
- ACS View Installation and Initial Configuration
3. Network Access Scenarios
- Remote VPN Access Scenarios
- Wired/Wireless 802.1x Scenario
4. Device Administration Scenarios
- Securing Device Administration using Network Access Restrictions (NAR)
- Securing Device Administration using Privilege Levels and CLI Views
- Securing Device Administration using Command Authorization Sets
5. Other Deployment Topics
- Scalability and Performance
- Database Recognition
Labs
Lab 2-1: ACS Windows Installation and ACS View Appliance Setup
Lab 2-2: Administering the ACS Windows Server
Lab 2-3: Administering the ACS View Server
Lab 3-1: Network Configuration (RADIUS)
Lab 3-2: Remote Access (VPN) Profile
Lab 3-3: Network Configuration (802.1x)
Lab 3-4 Wired/Wireless 802.1x Profile
Lab 4-1: Network Configuration (TACACS+)
Lab 4-2: Network Access Restrictions
Lab 4-3: Command Authorization Sets
Classroom Dates and Locations
Don’t see the location or date you need? No problem – just use our By Request service.
Labs
Lab 2-1: ACS Windows Installation and ACS View Appliance Setup
Lab 2-2: Administering the ACS Windows Server
Lab 2-3: Administering the ACS View Server
Lab 3-1: Network Configuration (RADIUS)
Lab 3-2: Remote Access (VPN) Profile
Lab 3-3: Network Configuration (802.1x)
Lab 3-4 Wired/Wireless 802.1x Profile
Lab 4-1: Network Configuration (TACACS+)
Lab 4-2: Network Access Restrictions
Lab 4-3: Command Authorization Sets
Classroom Dates and Locations
Don’t see the location or date you need? No problem – just use our By Request service.
Course Outline
1. Introduction
- Access Control in the Network
- AAA Concepts and Technology
- Cisco Secure ACS/ACS View Product Overview
2. Getting Started
- ACS Server Installation and Initial Configuration
- ACS View Installation and Initial Configuration
3. Network Access Scenarios
- Remote VPN Access Scenarios
- Wired/Wireless 802.1x Scenario
4. Device Administration Scenarios
- Securing Device Administration using Network Access Restrictions (NAR)
- Securing Device Administration using Privilege Levels and CLI Views
- Securing Device Administration using Command Authorization Sets
5. Other Deployment Topics
- Scalability and Performance
- Database Recognition
Labs
Lab 2-1: ACS Windows Installation and ACS View Appliance Setup
Lab 2-2: Administering the ACS Windows Server
Lab 2-3: Administering the ACS View Server
Lab 3-1: Network Configuration (RADIUS)
Lab 3-2: Remote Access (VPN) Profile
Lab 3-3: Network Configuration (802.1x)
Lab 3-4 Wired/Wireless 802.1x Profile
Lab 4-1: Network Configuration (TACACS+)
Lab 4-2: Network Access Restrictions
Lab 4-3: Command Authorization Sets
Classroom Dates and Locations
Don’t see the location or date you need? No problem – just use our By Request service.
