[CBT Nuggets] Cisco CCNP Security 300-208 SISAS [2014, ENG]

Видео уроки, книги, учебники по компьютерным сетям и коммуникациям
Торрент Сидеров Личеров Размер
7 0 1.53 ГБ
Аватара пользователя
Сообщения: 22944
Зарегистрирован: 13 янв 2016, 22:10

[CBT Nuggets] Cisco CCNP Security 300-208 SISAS [2014, ENG]

Сообщение Солнышко » 26 фев 2017, 14:29

Cisco CCNP Security 300-208 SISAS

Год выпуска: 2014
Производитель: CBT Nuggets
Сайт производителя: https://www.cbtnuggets.com/
Автор: Keith Barker
Продолжительность: 05:32:00
Тип раздаваемого материала: Видеоурок
Язык: Английский
Описание: This Implementing Cisco Secure Access Solutions (SISAS) (300-208) video training course addresses the concepts and implementation of secure access using 802.1X and Cisco Identity Services Engine (ISE). Topics covered include certificates, MAC authentication Bypass (MAB), AnyConnect Network Access Manager (NAM), active directory integration, authentication and authorization policies, profiling, posturing, MACsec, TrustSec, Sponsor Portals, BYOD, and more.

Recommended skills
CCNA Route/Switch and CCNA Security certification (or equivalent knowledge and skills)
Knowledge of Microsoft Windows
CCNA Security is a pre-requisite for the CCNP Security certification

Recommended equipment:
Windows AD
Identity Services Engine (ISE)
AnyConnect suite (NAM and profile editor)
1 or more PCs to connect to switch

Related certifications:
CCNP Security. This course (SISAS exam # 300-208) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP© Security) certification

Related job functions:
Network engineer
Network technician
Network designer
Security analyst
Security auditor
Penetration tester
Security architect
Technical manager

The focus of this course is to assist you in learning how to implement and manage network access security using Cisco Identity Services Engine (ISE) and 802.1x solutions. The CCNA Wireless course is highly recommended as wireless access can be closely integrated with ISE.
1. Course Introduction (3 min)
In this Nugget, Keith welcomes you to the course and shares some tips on how you can get the most from this course.

2. ISE, ISE, Baby (24 min)
The Identity Services Engine (ISE) is a AAA server that can be used for centralized authentication, authorization, and accounting including 802.1x services. In this Nugget, Keith walks you through the configuration required to communicate between an ISE server and a switch acting as a RADIUS client.

3. 802.1x Wired (40 min)
Building on the RADIUS between the switch and the ISE server, we can configure 802.1x port-based authentication and authorization on the switch. In this Nugget, Keith demonstrates the configuration and verification of 802.1x using a native Windows supplicant.

4. CA Certificates (19 min)
Using the Public Key Infrastructure (PKI) and a CA that is already trusted by browsers, we can install a CA assigned identity certificate on our ISE server for the benefit of client verification of the ISE server. In this Nugget, Keith demonstrates how to install the root CA cert and a CA-signed ISE identity certificate on the ISE server.

5. 802.1X MAB (27 min)
MAC Authentication Bypass (MAB) can be used to authenticate devices that don't have a supplicant. In this Nugget, Keith walks you through MAB concepts, along with a demonstration of configuration and verification of MAB.

6. AnyConnect Supplicant (18 min)
The Network Access Manager (NAM) portion of AnyConnect can act as an 802.1x supplicant. In this Nugget, Keith shows you how to install and use NAM, along with an introduction to Cisco's profile manager.

7. ISE and AD (31 min)
ISE can leverage Microsoft's AD and the existing users there for 802.1x authentication. In this Nugget, Keith explains and demonstrates ISE and AD integration, including verification and troubleshooting.

8. Authorization Profiles (36 min)
In this Nugget, Keith walks you through the concepts, configuration, and verification of customized authorization profiles. AD user and computer authentication requirements and AD group membership for 802.1x authentication also are demonstrated in this video.

9. Web-Based User Authentication (31 min)
When a supplicant isn't running and there isn't a MAB entry for a MAC address, we can still authenticate a user by redirecting the user web traffic to a portal on the ISE server to allow the user to authenticate via a Web interface (WebAuth). In this Nugget, Keith explains, demonstrates, and verifies WebAuth. The switch configuration is available in the NuggetLab files for this course.

10. What is Posture? (7 min)
In this Nugget, Keith introduces you to the concept of posture and compliance checking using ISE.

11. Preparing ISE for NAC Provisioning (6 min)
ISE doesn't have updated NAC agents or posture information by default. In this Nugget, Keith walks you through how to update both of these on an ISE server.

12. Provisioning NAC agents from ISE (13 min)
This Nugget covers the policies and profiles used to provision clients with NAC agents from the ISE server.

13. Posture Compliance (13 min)
In this Nugget, Keith explains and demonstrates the implementation and verification of a posture policy using ISE and the NAC agent.

14. Profiling Endpoints (12 min)
In this Nugget, Keith explains the benefits and methods used to profile endpoints in a network managed via ISE.

15. What are MACsec and TrustSec? (6 min)
In this Nugget, Keith walks you through the concepts of MACsec and TrustSec, along with the benefits they can provide.

16. Implement TrustSec (10 min)
In this Nugget, Keith walks you through an example of configurations required on Identity Services Engine (ISE), and a Network Access Device (NAD) to implement Security Group Tag (SGT)-based Security Group Access Control Lists (SGACLs). The switch configurations used are in the NuggetLab files for this course.

17. ISE Personas (4 min)
ISE functions such as administration, policy service, monitoring, and inline posturing are referred to as personas. These functions can be implemented in a distributed ISE environment for fault tolerance and better performance. This Nugget describes those concepts.

18. Sponsor Portal Concepts (5 min)
This Nugget describes the concept of a sponsor portal to allow the receptionist to set up guest network access for users.

19. Implement an ISE Sponsor Portal (7 min)
In this Nugget, Keith shows you how to set up a Sponsor Portal on an ISE server.

20. BYOD (4 min)
In this Nugget, Keith talks with you about the Bring Your Own Device (BYOD) concept, and shares some ideas about how new computing devices could be on-boarded into an ISE environment.

21. Final Thoughts for SISAS (3 min)
In this Nugget, Keith shares some tips about preparing for the real world, as well as certification if that is your goal.
Видео: MPEG-4, 1280x720 (16:9), 15,000 кадров/сек, 500 Кбит/сек
Аудио: AAC, 22,05 КГц, 2 канала

У вас нет необходимых прав для просмотра вложений в этом сообщении.