Facebook LinkedIn Twitter
AFI

CISCO - Securing Cisco Wireless Enterprise Networks (WISECURE) v1.1

CISCO - Securing Cisco Wireless Enterprise Networks (WISECURE) v1.1

Référence : WISECURE v1.1

Durée : 5 jours

Crédits de formation : 44

Cette formation est offerte en français. Le matériel didactique est en anglais.

© CISCO.

This course provides students with the guidelines for implementing Wi-Fi security architectures through proper configuration of Cisco wireless components. WISECURE provides students hands-on labs to reinforce concepts. Concepts taught include deploying Cisco AireOS 8.0, Prime Infrastructure release 2.2, and Identity Services Engine release 1.3 features.

Public concerné

  • Network engineers and technicians
  • Test Engineers
  • Network Designers, Administrators and Managers
  • Mid-level Wireless Support Engineers
  • Project Managers

Prérequis

CCNA Route & Switch certification and/or CCNA Wireless certification or completion of at least one of the following courses:
 
In addition, It is recommended that you have a basic knowledge of the following:
  • Cisco Prime Infrastructure
  • Cisco ISE
  • Metageek Channelizer Software
  • Voice Signaling protocols
  • Basic QoS
  • Cisco Application Visibility Control
  • LAN Switching

Objectifs

Upon completion of the course, students will have the knowledge and skills to:
 
  • Define security approaches in a Wi-Fi design
  • Describe how to design and deploy end point and client security
  • Describe how to design and deploy ISE in a Wi-Fi network
  • Explain how to secure the Wi-Fi infrastructure
  • Design and deploy Wi-Fi access control
  • Describe management and monitoring capabilities in the Wi-Fi environment

Contenu

Module 1 Define Security Approaches in a Wi Fi Design
 
  • Security Areas in a Wi-Fi Design
  • Security Challenges for IT Organizations
  • Security Approaches in Wi-Fi Designs
  • Policy Enforcement
  • Cisco Prime Infrastructure
  • Cisco ISE/ISE as a Policy Platform
  • Network Access Challenges and Secure Access Control
  • Network Monitoring
  • Prime Infrastructure Converged Approach and Security Dashboard
  • Cisco ISE Dashboard and ISE Alarms

Module 2 Design and Deploy Endpoint and Client Security

  • Defining Endpoint, Client Standards and Features
  • X.509 v3
  • PKI
  • IEEE 802.1X
  • EAP, EAP-TLS and PKI with EAP-TLS
  • PEAP and PEAP Deployment
  • EAP-FAST
  • RADIUS
  • Configure WPA and WPA2 in a Wi-Fi Environment
  • Security Mobility and Roaming
Module 3 Design and Deploy Cisco ISE and Management Platforms
  • Cisco Network Security Architecture
  • User Access Trends
  • Cisco ISE Architecture, Components and Licensing
  • End Device Analysis with Cisco ISE Profiling
  • Create Policies in Cisco ISE
  • Configure Guest Access
  • Cisco CMX Visitor Connect
  • Secure BYOD/BYOD Management and Monitoring
  • Cisco ISE and ISE GUI
Module 4 Secure Wi Fi Infrastructure
  • Current Standards and Features
  • Client and Infrastructure Mode and MFP
  • MFP vs IEEE802.11w
  • VLANs vs ACLs
  • MFP Configuration
  • IEEE 802.11w PMF
  • Identity-Based Networking
  • SMNPv3 in Wi-Fi environment
Module 5 Design and Deploy Wi Fi Access Control
  • Wi-Fi access control standards and features
  • ACLs and Firewall Functionality
  • Configure ACLs in Wi-Fi environment
Module 6 Design and Deploy Monitoring Capabilities
  • Threat and Interference Mitigation Approaches in Wi-Fi
  • Primary Security Concerns
  • Rogue Detection and Mitigation in Wi-Fi Environment
  • Management, Monitoring and Configuring Parameters
  • Cisco CleanAir
  • Cisco Prime Infrastructure Air Quality Monitoring and Reporting
  • Monitoring RRM
Labs:
  • Configuring WPA2 Access
  • Configuring 802.1X Access
  • Configuring RADIUS Integration
  • Configuring a Basic Access Policy
  • Configuring a Contractor2 Authentication Policy
  • Configuring Hotspot Guest Access
  • CWA and Self-Registered Guest Operations
  • Implementing SNMP v3
  • Configuring and Verifing Cisco MFP
  • Monitoring Rogue AP
  • Configuring Secure Administrative Access
  • Configuring a Basic Authentication Policy for an AP
  • Implementing Profiling
  • Profiling and Device Onboarding
  • Cisco ISE Profiling Reports
  • Guest Reports
  • Live Logs and Client 360 View
  • Security Report Operations
  • Using System Security Verification Tools