The Implementing Cisco NAC Appliance (CANAC) v2.1 course will provide learners with the skills and knowledge to be able to implement the Cisco NAC Appliance solution as a part of a Cisco SDN security strategy. The Cisco Self-Defending Network (SDN) strategy addresses the need for Network Admission Control (NAC). The Cisco NAC Appliance is an easily deployed software NAC solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network.

Duration

3 days, Instructor-led classroom training

Prerequisites

To fully benefit from this course, it is recommended that you have the following prerequisite skills and knowledge:

• Working knowledge of routing and switching or CCNA
• Working knowledge of VLANs or BCMSN
• Working knowledge of digital certificates or SNRS
• Working knowledge of HSRP or BCSI
• Fundamental knowledge of implementing network security or SND or CCSP or Cisco Security CQS

Who Should Attend

This course is intended for the following audience:

• Channel Partner / Reseller
• Customer
• Employee

Course Objectives

After completing this course, the student will be able to:

• Given network security requirements, select the appropriate NAC endpoint security deployment scenario that will meet or exceed network security requirements
• Configure the elements of a NAC Appliance solution
• Configure the NAC Appliance in-band and out-of-band implementation options
• Implement a highly available NAC Appliance solution to mitigate network threats and facilitate network access for those users that meet corporate security requirements
• Maintain a highly available NAC Appliance deployment in medium-sized and enterprise-sized network environments

Course Outline

1. Cisco NAC Endpoint Security Solutions
   1. Introducing Cisco Self-Defending Networks
   2. Introducing Cisco NAC Appliance
   3. Introducing In-Band and Out-of-Band Deployment Options
2. Cisco NAC Appliance Common Elements Configuration
   1. Configuring User Roles
   2. Configuring External Authentication
   3. Configuring DHCP on the Cisco NAS
3. Cisco NAC Appliance Implementation
   1. Implementing Cisco NAC Appliance In-Band Deployment
   2. Implementing the Microsoft Windows SSO Feature on the Cisco NAC Appliance
   3. Implementing the Cisco VPN SSO Feature on the Cisco NAC Appliance
   4. Implementing Cisco NAC Appliance Out-of-Band Deployment
   5. Managing Switches
4. Cisco NAC Appliance Implementation Options
   1. Implementing Cisco NAC Appliance on a Network
   2. Implementing Network Scanning
   3. Configuring the Cisco NAM to Implement the Cisco NAA on User Devices
   4. Configuring Cisco NAM High Availability
   5. Configuring Cisco NAS High Availability
5. Cisco NAC Appliance Monitoring and Administration
   1. Monitoring a Cisco NAC Appliance Deployment
   2. Administering the Cisco NAM

Hands-on Lab Exercises

• Lab 1-1: Preparing the Cisco NAM to Support Web-Based Administration Console Configuration
• Lab 2-1: Configuring User Roles
• Lab 3-1: Adding an In-Band Virtual Gateway Cisco NAS to the Cisco NAM
• Lab 3-2: Configuring the Microsoft Windows Active Directory SSO Feature on the Cisco NAC Appliance
• Lab 3-3: Configuring the Cisco VPN SSO Feature on the Cisco NAC Appliance
• Lab 4-1: Configuring the Cisco NAA
• Lab 4-2: Configuring an HA In-Band VPN Cisco NAC Appliance Solution
• Lab 3-4: Adding an Out-of-Band Virtual Gateway Cisco NAS to an HA Cisco NAC Appliance Deployment
• Lab 3-5: Configuring SNMP, Switch, and Port Profiles for an Out-of-Band Cisco NAC Appliance Deployment

      Inquire to find out about pricing and course specials.