TechNow is in no way associated with SANS or GIAC, but has courses that are similar in subject matter:
- TN-345: Python for Penetration Testers
- TN-865: Wireshark Network Traffic and Security Analysis
- TN-901: Linux for Security Professionals
- TN-909: Windows Forensic Analysis
- TN-913: Cloud Security Fundamentals
- TN-919: Penetration Tester Course
- TN-929: Security Essentials Training Course
- TN-939: Hacker Techniques, Exploits, and Incident Handling Course
- TN-949: Certified Firewall Analyst Course
- TN-959: UNIX Security Administrator Course
- TN-969: Windows Security Administrator Course
- TN-979: Intrusion Analyst Course
- TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking Course
- TN-999: Reverse Engineering Malware Course
TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do. While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course. His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.
A large percentage of training is moving to the virtualized/remote lab environments. Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs. There were either network connectivity issues, or issues with the remote access software, or other problems. The whole training experience was very frustrating and not productive.
We keep our labs open to students if they would like after hours, or before hours access. Repeatedly going through a lab engrains that knowledge for later recall. Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port. There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration. These disaster scenarious requires hands-on physical access to hardware. Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.
Course Overview:
Cisco DoD Comply-to-Connect (C2C) course teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.
This training also earns you 32 Continuing Education (CE) credits toward recertification.
Dates/Locations:
Duration: 5 days
Course Outline:
Section 1: C2C Fundamentals
- Comply to Connect Overview
- From C2C to ZTA
- Steps to Implement C2C
Section 2: Cisco Identity-Based Networking Services
- Cisco IBNS Overview
- AAA Role in Cisco IBNS
- Compare Cisco IBNS and Cisco ISE Solutions
- Explore Cisco IBNS Architecture Components
Section 3: Introducing Cisco ISE Architecture
- Cisco ISE as a Network Access Policy Engine
- Cisco ISE Use Cases
- Cisco ISE Functions
Section 4: Introducing Cisco ISE Deployment
- Cisco ISE Deployment Models
- Cisco ISE Licensing and Network Requirements
- Cisco ISE Context Visibility Features
- New Features in Cisco ISE 3.X
Section 5: Introducing Cisco ISE Policy Enforcement Components
- 802.1X for Wired and Wireless Access
- MAC Authentication Bypass for Wired and Wireless Access
- Identity Management
- Active Directory Identity Source
- Additional Identity Sources
- Certificate Services
Section 6: Introducing Cisco ISE Policy Configuration
- Cisco ISE Policy
- Cisco ISE Authentication Rules
- Cisco ISE Authorization Rules
Section 7: PKI and Advanced Supplicants
- Public Key Infrastructure (PKI)
- TEAP in Comply to Connect (C2C)
- Secure Client ISE features and Configuration for C2C
Section 8: Introducing the Cisco ISE Profiler
- Web Access with Cisco ISE
- ISE Profiler
- Cisco ISE Probes
- Profiling Policy
- Custom Attributes in Profile
Section 9: Introducing Cisco ISE Endpoint Compliance Services
- Endpoint Compliance Services Overview
Section 10: Configuring Client Posture Services and Compliance
- Client Posture Services and Provisioning Configuration
Section 11: Introducing Profiling Best Practices and Reporting
- Profiling Best Practices
Section 12: C2C Use Cases
- Cisco CX ISE Reporting Tool
- ISE Reporting
- ISE Hardening
- Profiling Best Practices for C2C
Section 13: C2C Third-Party Integrations-Tenable
- Tenable Use Case
- Tenable Overview and Capabilities
- Tenable Integration Prerequisites
- Tenable Integration Configuration
- Policy Design
- Policy Enforcement
- Enforcement Verification
Section 14: C2C Third-Party Integrations-MECM
- MECM Use Case
- MECM Overview and Capabilities
- MECM Integration Prerequisites
- MECM Integration Configuration
- Policy Design
- Policy Enforcement
- Enforcement Verification
Section 15: C2C Third-Party Integrations-Trellix
- Trellix Use Case
- Trellix Overview and Capabilities
- Trellix Integration Prerequisites
- Trellix Integration Configuration
- Policy Enforcement
- Enforcement Verification
Section 16: Troubleshooting Cisco ISE Policy and Third-Party NAD
- Cisco ISE Third-Party Network Access Device Support
- Troubleshooting Cisco ISE Policy Configuration
Section 17: Exploring Cisco TrustSec
- Cisco TrustSec Overview
- Cisco TrustSec Enhancements
- Cisco TrustSec Configuration
Section 18: Working with Network Access Devices
- Reviewing AAA
- Cisco ISE TACACS+ Device Administration
- Configuring TACACS+ Device Administration
- TACACS+ Device Administration Guidelines and Best Practices
Course Prerequisites:
There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
- Familiarity with 802.1X
- Familiarity with Microsoft Windows Operating Systems
- Familiarity with Cisco IOS CLI for wired and wireless network devices
- Familiarity with Cisco Identity Service Engine
TechNow has been involved in enterprise client server architectures since 1990. TechNow has delivered national and international implementations for Valero, Wholefoods, Quest, USAA, Golfsmith, AMD, Motorola, and many other fortune 1000 corporations,
TechNow's training program has followed the evolution of enterprise computing into virtualization and cloud computing. With a focus on security, TechNow can present the ramifications of many centralized strategies. All courses utilize enterprise instructors with experience and can discuss the detail of implementation and the integration into an existing infrastructure.
