• 100 Queen St W, Brampton, ON L6X 1A4, Canada
  • +1-800-961-0337
START DATE END DATE CLASS TIMINGS MODE LOCATION ACTION
No Classes Available in this Courses.

Securing Cisco Wireless Enterprise Networks (WISECURE v1.1)

Course Overview

To take part in the hands-on labs in this class, you have to carry a PC phone the accompanying:

  • Windows 7 or 8.1 or 10 is suggested. Macintosh OSX 10.6 or more noteworthy is bolstered also.
  • Intel Celeron or better processors are favored.
  • 1 GB or a greater amount of RAM
  • Program Requirements: Internet Explorer 10 or more prominent or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
  • All understudies are required to have manager rights to their PCs and can't be signed in to an area utilizing any Group Policies that will constrain their machine's abilities.
  • On the off chance that you don't have chairman rights to your PC, you in any event require consents to download, introduce, and run Cisco Any Connect Client.
  • In the event that you are taking part in a WebEx occasion, it is very prescribed to take this class at an area that has data transfer capacity speeds at least 1 Mbps transmission capacity speeds.

Securing Cisco Wireless Enterprise Networks (WISECURE v1.1)

Course Outline

Module 1: Define Security Approaches in a Wi-Fi Design

  • Objective: Define security approaches in a Wi-Fi plan

Lesson 1: Defianing Security Areas in the Wi-Fi Design

  • Objective: Identify normal security issues affecting present day Wi-Fi plans
  • This lesson incorporates these subjects:
  • Security Challenges for IT Organizations
  • Objective: Summarize the basic security issues affecting current Wi-Fi outlines
  • Gadget Support
  • Security and Usage Policy
  • Gadget Visibility
  • Ensuring Corporate Data
  • Repudiate Access
  • IT Management Problems in a Post-PC Era
  • Present day Wi-Fi Security Concerns
  • Points of interest of a Comprehensive BYOD Approach
  • Move to BYOD: Device Diversity Is a Big IT Challenge
  • System Access: The Problem
  • How Might IT Control Access to the Network?
  • AAA Solution
  • Consistence Regulations
  • Patterns in Regulatory Compliance
  • Consistence Regulations
  • Information Breach Notification Goes Global
  • Requirement for a Security Policy
  • Security Policy Users
  • Segments of a Comprehensive Security Policy
  • Representing Policy
  • Specialized and End-User Policies
  • Norms, Guidelines, and Procedures
  • Security Policy Responsibilities
  • Security Awareness

Lesson 2: Describing Security Approaches in Wi-Fi Designs

  • Objective: Explore the numerous parts of characterizing a security engineering inside a Wi-Fi plan
  • This lesson incorporates these points:
  • Wi-Fi Network Security Objectives
  • Objective: Define the objectives of a security outline inside both wired and Wi-Fi conditions
  • Essential Security Assumptions
  • Essential Security Requirements
  • Hazard: Motivation Meets Opportunity
  • Advancement of Intent
  • Data Security Realities: Trends
  • Correspondence Security Challenges: Mobility, Emerging Threats, and Compliance
  • Approach Enforcement for Users and Devices
  • Objective: Explore the parts required to build up a run of the mill corporate client and gadget strategy
  • Cisco Lightweight Access Points
  • Remote Controller
  • Cisco ISE
  • Cisco Prime Infrastructure
  • Cisco ISE
  • Cisco ISE Technologies
  • Cisco ISE as a Policy Platform
  • Disentangled Onboarding for BYOD
  • Visitor Access Needs
  • Portray Network Access Challenges
  • Objective: Discuss run of the mill security challenges at the entrance point
  • Classifying Wireless Vulnerabilities
  • Maverick APs and Clients
  • Maverick APs (Malicious)
  • Foreswearing of Service
  • Over-the-Air Attacks
  • Web of Things
  • IoT Addressable Market Estimate: $26.9 Billion by 2016
  • Portray Security Architecture Design Principles
  • Objective: Explore normal security engineering outline standards and their effect on the Wi-Fi plan
  • What Is Defense in Depth?
  • 802.1X and EAP
  • Assurance of Management Frames
  • Visitor Access by means of Anchor Controller
  • Segment Functions in a wIPS Deployment
  • Executing AAA
  • Depict Secure Access Control
  • Objective: Provide a diagram of ideas and frameworks required to secure access control inside the Wi-Fi outline
  • Secure Access Solution Portfolio
  • Confirmation
  • Approval
  • Bookkeeping
  • Change of Authorization
  • Character Sources
  • Range
  • TACACS+
  • Depict Network Monitoring
  • Objective: Introduce the administration frameworks accessible inside the Cisco Wi-Fi condition that can be utilized amid outline, organization and activity
  • Cisco Prime Infrastructure Converged Approach
  • Cisco UWN Hierarchy
  • Cisco Prime Infrastructure Security Dashboard
  • Security Index
  • Rebel Monitoring
  • Alert Summary
  • Rebel Details
  • Cisco ISE Dashboard
  • Cisco ISE Dashboard Navigation
  • Cisco ISE Alarms
  • Cisco ISE Alarms: Misconfigured Network Device Detected

Module 2: Design and Deploy End Point and Client Security

  • Objective: Describe how to outline and convey end point and customer security

Lesson 1: Defining Endpoint and Client Standards and Features

  • Objective: Describe industry models and highlights related with secure portability and meandering
  • This lesson incorporates these subjects:
  • Portray Standards and Features
  • Objective: Describe the benchmarks and highlights
  • Confirmation
  • Confirming Devices versus Clients
  • Open Authentication
  • Encryption
  • Symmetric and Asymmetric Encryption
  • Individual Keys
  • Normal Keys
  • Lopsided Encryption Algorithms
  • Lopsided Confidentiality Process
  • Lopsided Authentication Process
  • Rivest, Shamir, and Adleman
  • Advanced Signature
  • RSA Digital Signatures
  • Put stock in Third Party
  • Put stock in Third-Party Protocols
  • Put stock in Third-Party Example
  • Testaments
  • X.509 Version 3
  • Open Key Infrastructure
  • PKI Terminology and Components
  • Confirmation Using Certificates
  • PKI in the WLAN
  • Utilizing PKI in the WLAN
  • Remote Threats
  • Remote IDS
  • IEEE 802.1X
  • IEEE 802.1X over Wireless
  • 802.1X, EAP, and the AAA Relationship
  • One of a kind Encryption Keys
  • EAP Process
  • EAP Frame Format
  • EAP-TLS Authentication Overview
  • EAP-TLS Trust Model
  • PKI with EAP-TLS
  • PEAP Authentication Overview
  • PEAP Session Key: Phase 1
  • PEAP Session Key: Phase 2
  • PEAP Deployment
  • EAP-FAST Authentication Overview
  • EAP-FAST PAC Creation
  • EAP-FAST Session Key
  • EAP Comparison
  • Range
  • Nearby EAP Authentication
  • Secure Access Control
  • Security Policy Management and Control Platform
  • Audit of Wi-Fi Security Methods
  • WPA2 and IEEE 802.11i
  • IEEE 802.11i and AES Encryption
  • WPA, WPA2, and 802.11i Comparison
  • WPA2 Authentication Modes
  • Audit WPA 2 Authentication Process
  • Audit WPA2 Key Management
  • WPA2 Authentication Modes
  • WPA2 Strengths and History
  • WPA2 and CCMP Issues
  • WPA2 GCMP Advantages
  • 802.11i WPA2 Key Hierarchy
  • Validation on Native Client Devices
  • Design WPA2 and EAP
  • Objective: Configure WPA2 and EAP in a Wi-Fi condition
  • WPA2 Personal Implementation on Cisco AireOS WLC
  • WPA and WPA2 Personal Authentication Implementation in Cisco IOS XE WLC GUI
  • WPA and WPA2 Personal Authentication Implementation: Autonomous AP
  • WPA and WPA2 Enterprise Authentication Implementation: Cisco AireOS WLC
  • WPA and WPA2 Enterprise Authentication Implementation: Cisco IOS XE WLC
  • WPA and WPA2 Enterprise Authentication Implementation: Autonomous AP
  • Executing Local EAP Authentication on Cisco WLC
  • EAP-FAST Parameters
  • Executing Local EAP Authentication on FlexConnect AP
  • Neighborhood EAP Authentication on Autonomous AP
  • Outer RADIUS Server on Cisco AireOS WLC
  • Outer RADIUS Server on Cisco IOS-XE WLC
  • Outer RADIUS Server on FlexConnect
  • Outer RADIUS Server on Autonomous AP
  • Depict Security Mobility and Roaming
  • Objective: Describe security versatility and meandering
  • Regular Scanning Behavior
  • Cisco Compatible Extensions Client Roam Triggers
  • Cisco Compatible Extensions Channel Scanning: AP-Assisted Roaming
  • Cisco Compatible Extensions Channel Scanning: Enhanced Neighbor List
  • Cisco Compatible Extensions Channel Scanning: Enhanced Neighbor List Request
  • Cisco Compatible Extensions Channel Scanning: Directed Roam Request
  • IEEE 802.11k: Radio Resource Management
  • IEEE 802.11v: Wireless Network Management
  • Assessing the AP List
  • Verification Choreography
  • Quick Secure Roaming: History
  • EAP Types Supported by Cisco CKM
  • IEEE 802.11r: Fast BSS Transition
  • Quick BSS Transition Initial Mobility Domain Association
  • Over-the-Air Fast BSS Transition
  • Arrange a Mobility Environment with WPA2 and EAP
  • Objective: Configure WPA2 and EAP for portability in a Wi-Fi condition
  • Arrange 802.11r Cisco on AireOS WLC
  • Actualizing 802.11r on Cisco IOS XE WLC
  • IEEE 802.11r Mixed-Mode Support
  • Blended Mode Configuration
  • Actualizing IEEE 802.11k

Guided Lab 1: Configure WPA2 Access

  • Objective: Configure WPA2 access on the controller to help endpoints
  • Movement Objective
  • Topology
  • Errand 1: Verify Client Setup for Testing Client Access (Optional)
  • Errand 2: Configure Required Interfaces
  • Errand 3: Configure WLANs
  • Errand 4: Configure a Local Network User on the WLAN Controller
  • Errand 5: Configure Local EAP on the Controller
  • Errand 6: Configure the Employee WLAN for Local EAP on Both Controllers
  • Errand 7: Configure the Windows Supplicant

Guided Lab 2: Configure 802.1X Access

  • Objective: Configure NADs for 802.1X and for correspondence with Cisco ISE
  • Movement Objective
  • Topology

Errand 1: Configure NADs for Cisco ISE

Module 3: Design and Deploy Cisco ISE and Management Platforms

  • Objective: Describe how to outline and convey Cisco Identity Services Engine (ISE) in Wi-Fi organize

Lesson 1: Cisco Network Security Architecture

  • Objective: Describe suggested security models in Wi-Fi arrange
  • This lesson incorporates these points:
  • Portray User Access Trends
  • Objective: Describe client get to patterns
  • How Do I Control Access to the Network?
  • Security Challenges for IT Organizations
  • Cisco ISE Architecture, Components, and Licensing
  • Objective: Describe Cisco ISE design, segments, and authorizing
  • Security Policy Management and Control Platform
  • Cisco ISE Nodes and Personas
  • Cisco ISE Nodes, Personas, and Roles
  • System Access Device
  • Cisco ISE Licensing
  • Cisco ISE Appliances
  • VM Requirements
  • Introducing Cisco ISE

Lesson 2: Profiles and Policies

  • Objective: Explain end gadget examination with Cisco ISE profiling and make strategies in Cisco ISE
  • This lesson incorporates these subjects:
  • Portray End Device Analysis with Cisco ISE Profiling
  • Objective: Explain end gadget examination with Cisco ISE profiling
  • Cisco ISE Profiler
  • Profiling Policies
  • Profiling Flow
  • Cisco ISE Probes
  • Gadget Sensor
  • Make Policies in Cisco ISE
  • Objective: Create approaches in Cisco ISE
  • Contemplations for Defining Policy Elements
  • Cisco ISE Workflow
  • Verification in Cisco ISE
  • Govern Based Authentication Policies
  • Valuable Authentication Attributes
  • Validation Policy Example
  • Approval in Cisco ISE
  • Approval Policy Rules
  • Character Groups
  • Other Authorization Conditions
  • Approval Profiles
  • Approval Policy Example
  • Change of Authorization
  • Strategy Sets

Lesson 3: Guest Access

  • Objective: Configure visitor get to and depict Cisco CMX Visitor Connect
  • This lesson incorporates these themes:
  • Design Guest Access
  • Objective: Configure visitor get to
  • Remote Guest DMZ Networks
  • Cisco Unified and Converged Access Wireless Guest Networks
  • Characterizing the Guest User
  • Visitor User Role-Based Policies
  • Visitor User Databases
  • Character Stores and Attribute Sources
  • Visitor User Database:

Lesson 4: Secure BYOD

  • Objective: Describe the protected BYOD arrangement
  • This lesson incorporates these points:
  • Arrange BYOD
  • Objective: Configure BYOD
  • Points of interest of Cisco BYOD Solution
  • Cisco Solution Components
  • Onboarding
  • Gadget Authentication for BYOD
  • Cisco ISE: Authentication and Authorization Policies Supporting BYOD
  • Single or Dual SSID in BYOD
  • Onboarding and Provisioning
  • Onboarding: Supplicant Provisioning
  • Customer Provisioning
  • BYOD Configuration
  • BYOD Authentication: CWA and IEEE 802.1X Use Cases
  • My Devices Portal
  • Cisco ISE: Device Profiling
  • BYOD Profiling with CoA
  • Portray BYOD Management and Monitoring
  • Objective: Design and Deploy Cisco ISE and Management Platforms
  • Cisco ISE and Cisco Prime Infrastructure Integration
  • Cisco ISE and Cisco Prime Infrastructure Reporting
  • Gadget 360? View Wireless Controller
  • Cisco Prime Infrastructure: Alarms and Events
  • Cisco Prime Infrastructure: Client Monitoring Dashboard
  • Cisco Prime Infrastructure: Clients and Users
  • Cisco Prime Infrastructure: Client Properties
  • Visitor Verification and Live Log in Cisco Prime Infrastructure
  • Cisco ISE Live Authentication
  • Cisco ISE Live Authentication: Details
  • Cisco ISE Live Authentication: Live Session View
  • Cisco ISE Live Authentication: Authorization
  • Cisco WLC: Authorization Diagnosis
  • Session Trace
  • Creating Reports from Prime Infrastructure
  • Revelation 1: Overview of Cisco ISE
  • Objective: Describe how to explore the Cisco ISE GUI
  • Action Objective
  • Visual Objective
  • Errand 1: Explore the Home Page
  • Errand 2: Explore the Operations Tab
  • Errand 3: Explore the Policy Tab
  • Errand 4: Explore Administration
  • Guided Lab 3: Configure RADIUS Integration
  • Objective: Configure Cisco ISE to utilize the NAD
  • Action Objective
  • Topology
  • Errand 1: Initial Login and Initial Message Management
  • Errand 2: Configure NADs on Cisco ISE
  • Errand 3: Verify or Create Airespace ACLs for Various User Groups
  • Guided Lab 4: Configure a Basic Access Policy
  • Objective: Configure an essential access arrangement for representatives
  • Action Objective
  • Topology
  • Assignment 1: Configure a Policy for Active Directory Employees and Contractors
  • Assignment 2: Wireless Client Access
  • Guided Lab 5: Configure a Contractor2 Authentication Policy
  • Objective: Etablish verification for an extra gathering of clients
  • Action Objective
  • Topology
  • Assignment 1: Policy Configuration for Contractor2
  • Guided Lab 6: Configure Hotspot Guest Access
  • Objective: Explore Cisco visitor get to arrangements and tasks
  • Action Objective
  • Topology
  • Assignment 1: Guest Settings
  • Assignment 2: Guest Locations
  • Assignment 3: Verify Airespace ACLs for Hotspot Portal Operations
  • Assignment 4: Hotspot Portal Operations
  • Guided Lab 7: CWA and Self-Registered Guest Operations
  • Objective: Explore various Cisco ISE visitor get to designs and activities
  • Action Objective
  • Topology
  • Assignment 1: Self-Registration and Employee BYOD Portal Operations

Module 4: Secure Wi-Fi Infrastructure

  • Objective: Explain how to secure the Wi-Fi framework
  • Lesson 1: Defining Endpoint and Client Standards and Features
  • Objective: Describe the present principles and highlights and how to arrange them.
  • This lesson incorporates these themes:
  • Depict the Current Standards and Features
  • Objective: Describe the present norms and highlights
  • Framework MFP
  • Framework Mode
  • Customer MFP
  • Customer and Infrastructure Mode
  • Institutionalized MFP
  • IEEE 802.11w Protection
  • MFP versus IEEE 802.11w
  • Personality Based Services
  • Utilizing Identity-Based Networking
  • Personality Based Networking Example
  • Approval Options for Users and Devices
  • VLANs and ACLs
  • Downloadable ACL versus Airspace ACL
  • Preauthentication and Postauthentication ACLs
  • Arrange MFP
  • Objective: Configure MFP
  • Arrange MFP Globally
  • MFP Settings
  • Arrange the WLAN for MFP: Security
  • Arrange the WLAN for MFP: Advanced
  • Confirm MFP
  • Arrange IEEE 802.11w PMF
  • Objective: Configure IEEE 802.11w PMF
  • Arrange Identity-Based Networking
  • Objective: Configure Identity-Based Networking
  • Cisco IOS XE TACACS+ Configuration
  • Part Based Access Control
  • Administrator User Configuration Procedure
  • Stages 1?3: Examine a Built-In, Edit, or Create an Admin Group
  • Stage 4: Configure Administrator User
  • Stages 5?6: Edit or Delete Administrator Account
  • Client Management
  • Nearby User Authentication
  • Include a Local User
  • Client Authorization
  • Outside Authentication Server
  • Verification Mode
  • Arrange SMNPv3 in the Wi-Fi Environment
  • Objective: Configure RADIUS and TACACS
  • Arrange SNMP: Autonomous AP GUI and CLI
  • Cisco WLC: Remove Default SNMP Community Names
  • Cisco WLC: Add SNMP Community Names
  • Cisco WLC: Remove SNMPv3 User Default Values
  • Cisco WLC: Add a SNMPv3 User
  • Cisco WLC: Add a SNMP Trap Receiver
  • Overseeing SNMP Trap Controls
  • SNMPv3 on Cisco IOS XE
  • SNMPv3 on Cisco ISE
  • Cisco Prime Infrastructure: Configure Controllers
  • Cisco Prime Infrastructure: Add a Controller
  • Revelation 2: Implementing SNMP v3
  • Objective: Configure the controller to actualize SNMP v3
  • Action Objective
  • Visual Objective
  • Errand 1: Use the GUI to Change the SNMP v3 User Default Values
  • Errand 2: Use the CLI to Change the SNMP v3 User Default Values
  • Revelation 3: Configure and Verify Cisco MFP
  • Objective: Configure and confirm Cisco MFP
  • Action Objective
  • Required Resources
  • Visual Objective
  • Errand 1: Enable MFP on the Cisco WLC
  • Errand 2: Create a New Local EAP Profile for EAP-FAST
  • Errand 3: Enable Local EAP on the CCNP-Demo SSID
  • Errand 4: Configure ap2 as a Workgroup Bridge for EAP-FAST Authentication to the Demo WLAN
  • Errand 5: Verify that MFP Is Active on the Connection to CCNPW-Demo

Revelation 4: Rogue AP Monitoring and Rules

  • Objective: Monitor maverick APs in Cisco WLCs and Cisco Prime Infrastructure
  • Action Objective
  • Required Resources
  • Visual Objective
  • Assignment 1: Monitor Rogue APs from the Cisco WLC
  • Assignment 2: Rogue Policies
  • Undertaking 3: Monitor Rogues in Cisco Prime Infrastructure
  • Guided Lab 8: Configure Secure Administrative Access
  • Objective: Configure secure authoritative access
  • Movement Objective
  • Topology
  • Undertaking 1: Enable RADIUS Administration on the Cisco WLC
  • Undertaking 2: Configure Local Identity Groups in Cisco ISE
  • Undertaking 3: Configure Local Users in Cisco ISE
  • Undertaking 4: Configure Authorization Profiles for Cisco WLC Admin Access in Cisco ISE
  • Undertaking 5: Configure Authorization Policies for Cisco WLC Admin Access in Cisco ISE
  • Undertaking 6: Test Cisco WLC Admin Access through RADIUS
  • Guided Lab 9: Configure a Basic Authentication Policy for an AP
  • Objective: Configure fundamental verification arrangement for an AP
  • Movement Objective
  • Topology

Undertaking 1: Policy Configuration for Network APs

Module 5: Design and Deploy Wi-Fi Access Control

  • Objective: Design and convey Wi-Fi get to control

Lesson 1: Defining Wi-FI Access Control Standards and Features

  • Objective: Explain ACLs, firewall functionalities, and how to design ACLs in the Wi-Fi condition
  • This lesson incorporates these themes:
  • Depict ACLs and Firewall Functionality
  • Objective: Describe ACLs and firewall usefulness
  • ACL Functionality and Limits
  • Firewalls
  • Firewall Ports
  • VPN Firewall: Remote Office
  • FlexConnect ACLs
  • Design ACLs in the Wi-Fi Environment
  • Objective: Configure ACLs in the Wi-Fi condition
  • Independent AP: Add an IP ACL
  • Independent AP: Configure an IP ACL
  • Independent AP: Add a MAC ACL
  • Independent AP: Apply an ACL
  • Cisco WLC: Configure a New ACL
  • Cisco WLC: Configure ACL Rules
  • Cisco WLC: Deny Counters
  • ACL Types

Guided Lab 10: Implement Profiling

  • Objective: Configure the Cisco ISE Profiler administration and administration settings
  • Action Objective
  • Topology
  • Errand 1: Configure Profiling in Cisco ISE
  • Errand 2: Configure the Feed Service (Optional)
  • Errand 3: Configure Profiling in Cisco ISE
  • Errand 4: NAD Configuration for Profiling

Guided Lab 11: Profiling and Device Onboarding

  • Objective: Configure Cisco ISE for BYOD onboarding
  • Action Objective
  • Topology
  • Errand 1: Portal Provisioning
  • Errand 2: Provisioning Configuration
  • Errand 3: Policy Configuration
  • Errand 4: Employee Laptop PC Registration

Prerequisites

The information, aptitudes, and dispositions that a student is required to have before going to this course are as per the following:

  • CCNA? R&S confirmation
  • CCNA? Wireless confirmation

It is likewise suggested that students considered for this preparation have a fundamental information of the accompanying:

  • Cisco Prime Infrastructure
  • Cisco ISE
  • Metageek Channelizer Software
  • Voice Signaling Protocols
  • Fundamental QoS
  • Cisco Application Visibility Control
  • LAN exchanging

Awards