Advanced Services - Cisco Secure Access Control Server (CS-ACS)

This course is for network administrators, network operators, and system administrators responsible for securing their networks to assure authorized access only by authenticated users, with accounting of their activities.

• Understanding of TCP/IP networking
• Standard AAA security concepts and terminology
• Basic understanding of security challenges facing networks
• Basic Microsoft Windows system administration
• Basic Cisco router and switch configuration (CCNA® certification equivalent)
• Basic Cisco ASA (Adaptive Security Appliance 5500 Series) or VPN concentrator configuration
• Internet Web browser

This course teaches you how to provide secure access to your network using the Cisco® Secure Access Control Server (ACS) Release 4.2 and to monitor and generate reports with ACS View. You will gain a thorough understanding of the operation of the Cisco Secure ACS to control access to network services and devices. Course subjects include the principles of authentication, to restrict user access to networks, services, and devices; authorization, to restrict the functions users can perform on services and devices; and accounting, to track the activities of users. The RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols are discussed in theory and practice as the basis of network security. Specific methods and configurations are shown that can be used in your production networks to achieve targeted and detailed restrictions. The course includes hands-on labs to provide personal experience in configuring the Cisco ACS and ACS View and Cisco network devices.

• Introduction
  • Access Control in the Network
  • AAA Concepts/Technology
  • Cisco Secure ACS/ACS View Product Overviews
• Getting Started
  • ACS Server Installation and Initial Configuration
  • ACS View Installation and Initial Configuration
• Network Access Scenarios
  • Remote VPN Access Scenarios
  • Wired/Wireless 802.1x Scenario
• Device Administration Scenarios
  • Securing Device Administration using Network Access Restrictions (NAR)
  • Securing Device Administration Using Privilege Levels and CLI View
  • Securing Device Administration Using Command Authorization Sets
• Other Deployment Topics
  • Scalability and Performance
  • Database Replication
• Labs
  • ACS Windows Installation and ACS View Appliance Setup
  • Administering the ACS Windows Server
  • Administering the ACS View Server
  • Network Conguration (RADIUS)
  • Remote Access (VPN) Profile
  • Network Configuration (802.1x)
  • Wired/Wireless 802.1x Profile
  • Network Conguration (TACACS+)
  • Network Access Restrictions
  • Command Authorization Sets