Implementing Cisco Unified Communications manager

Detailed Outlines

Course Outlines

0. Course Introduction

  • 0.1. Overview
  • 0.1.1. Learner Skills and Knowledge
  • 0.1.2. Course Goal and Objectives
  • 0.1.3. Course Flow
  • 0.2. Additional References

1. Module 1 – Identity Management Solution Overview

  • 1.1.2. Identity Management Models
  • 1.2. Lesson - Secure Borderless Network Architecture
  • 1.2.2. References
  • 1.3. Lesson – The Identity Enabled Network Use Case Summary
  • 1.3.1. Summary

2. Module 2 – Product Overview and Initial Configuration

  • 2.1. Module Overview
  • 2.2. Lesson - Overview RADIUS and TACACS+
  • 2.2.1. Overview
  • 2.2.2. Introduction to RADIUS
  • 2.2.3. Introduction to TACACS+
  • 2.2.4. Comparing RADIUS and TACACS+
  • 2.3. Lesson - Overview ACS 5.2
  • 2.3.2. ACS Hardware platform solutions
  • 2.3.3. ACS Software platform solutions
  • 2.3.4. Features New, Changed, and Supported with ACS 5.2
  • 2.4. Lesson - Installation ACS 5.2
  • 2.4.2. Installation on the CSACS Series Appliance
  • 2.4.3. Installation with VMware ESX Server
  • 2.4.4. Using Setup Scripts
  • 2.4.5. Licensing
  • 2.5. Lab 2-1 – Verify the ACS installation
  • 2.6. Lesson – ACS Attribute Types
  • 2.6.2. Attribute Definitions
  • 2.6.3. Attribute Value Types
  • 2.6.4. Predefined Values
  • 2.6.5. Attribute Dictionaries
  • 2.6.6. Attribute Aliases
  • 2.6.7. Availability of Attributes based on Policy
  • 2.7. Lesson – Adding Network Devices to ACS
  • 2.7.2. Network Resources
  • 2.7.3. Types of AAA Clients
  • 2.7.4. Network Device Groups - Location
  • 2.7.5. Network Device Groups – Device Type
  • 2.7.6. Network Devices and AAA Clients
  • 2.7.9. Lab 2-2 – Add Network Devices to ACS
  • 2.8. Lesson - Local Identity Store & Identity Store Sequence
  • 2.8.2. Users and Identity Stores Overview
  • 2.8.3. Internal Identity Store
  • 2.8.4. External Identity Store
  • 2.8.5. Certificate Profile
  • 2.8.6. Internal Identity Stores - Users
  • 2.8.7. Internal Identity Stores - Groups
  • 2.8.8. Internal Identity Stores - Hosts
  • 2.8.11. Lab 2-3 – Configuring ACS User and Identity Stores
  • 2.9. Module Summary

3. Module 3 – Advanced ACS Configuration and Device Management

  • 3.2. Lesson - External Identity Store with LDAP
  • 3.2.2. LDAP Overview
  • 3.2.3. External Identity Stores – OpenLDAP
  • 3.2.4. Enable LDAP Diagnostics Log
  • 3.3. Lesson – External Identity Store with Active Directory
  • 3.3.2. Interface with Active Directory
  • 3.3.3. DNS considerations
  • 3.3.4. NTP Server considerations
  • 3.3.5. Considerations of Authenticating Usernames with domains
  • 3.3.6. MAR: Machine Access Restrictions
  • 3.3.7. Windows 2008 Compatibility and feature support
  • 3.3.8. Testing connectivity between ACS and AD
  • 3.3.9. Group Names – Differences between ACS 4.x and 5.x
  • 3.3.10. Identity Store Sequences
  • 3.3.11. PAP Authentication via Kerberos
  • 3.3.14. Lab 3.1 – Configuring ACS External Identity Stores (Active Directory)
  • 3.4. Lesson - Authentication, Authorization and Accounting with TACACS+
  • 3.4.2. Shell Profile
  • 3.4.3. Command Sets
  • 3.4.4. Access Services
  • 3.4.5. Service Selection Rules
  • 3.4.6. Default Device Admin – Authorization and Identity
  • 3.4.9. Lab 3-2 - Configuring Command Authorization with ACS
  • 3.5. Lesson - Monitoring and Troubleshooting ACS
  • 3.5.1. Overview
  • 3.5.2. Cisco Secure ACS View
  • 3.5.3. Monitoring RADIUS Authentication
  • 3.5.4. Debugging RADIUS Authentication
  • 3.5.5. Monitoring RADIUS Authorization
  • 3.5.6. Debugging RADIUS Authorization
  • 3.5.7. Monitoring TACACS+ Authentication
  • 3.5.8. Debugging TACACS+ Authentication
  • 3.5.9. Monitoring TACACS+ Authorization
  • 3.5.10. Debug TACACS+ Authorization
  • 3.5.11. Debug TACACS+ Packets
  • 3.5.12. Debug TACACS+ Accounting
  • 3.5.15. Lab 3-3 – Monitor and Troubleshoot ACS
  • 3.6. Lesson - ACS and Certificate Authority
  • 3.6.2. Overview Certificate-Based Authentication
  • 3.6.3. Self-signed Certificates
  • 3.6.4. Third-party Digital Certificates
  • 3.6.7. Lab 3-4 – Install a Third-Party Digital Certificate in ACS

4. Module 4 – IEEE 802.1x with ACS 5.2

  • 4.2. Lesson – IEEE Overview
  • 4.2.1. IEEE 802.1x History
  • 4.2.2. IEEE 802.1x Introduction
  • 4.2.3. IEEE 802.1x – The Port
  • 4.2.4. EAP
  • 4.2.5. EAP-TLS
  • 4.2.6. PEAP
  • 4.3. Lesson - 802.1x Policy Elements (RADIUS)
  • 4.3.2. Policy Elements - Overview
  • 4.3.3. Policy Elements - Date and Time
  • 4.3.4. Policy Elements - Custom
  • 4.3.5. Policy Elements - Authorization Profiles
  • 4.3.6. Authorization – Downloadable ACL
  • 4.3.7. Access Policies - Service Selection Rules
  • 4.3.8. Access Policies - Access Services
  • 4.3.9. Access Policies - Identity
  • 4.4. Lesson - 802.1x and Windows XP
  • 4.4.2. Overview 802.1x and Windows XP
  • 4.4.3. Configure 802.1x
  • 4.5. Lesson - 802.1x and the Cisco Secure Services Client (SSC)
  • 4.5.1. Overview
  • 4.5.2. Overview 802.1x and SSC
  • 4.5.3. Configure 802.1x on the SSC
  • 4.6. Lesson – Configure 802.1x Single Host Authentication on a Cisco Switch
  • 4.6.2. Overview – Single Host Authentication
  • 4.6.3. Commands – Single Host Authentication
  • 4.6.4. Review Cisco Switch 802.1x configuration
  • 4.6.6. Lab 4-1 – Configure Cisco Switch, ACS, and Windows XP for Basic 802.1x Authentication
  • 4.6.7. Lab 4-2 – Configure Cisco Switch, ACS, and Windows XP for Advanced 802.1x Authentication and Authorization
  • 4.6.8. Lab 4-3 – Configure Cisco Switch and ACS for 802.1x Flexible Authentication
  • 4.7. 802.1x - Troubleshooting
  • 4.7.2. ACS, Switch & Windows Troubleshooting
  • 4.7.3. Windows XP and Switch Debug Output
  • 4.7.4. ACS Monitoring and Reports
  • 4.7.6. Lab 4-4 – Monitor and Troubleshoot ACS (AAA with RADIUS)

5. Module 5 – System Operations

  • 5.2. Lesson - Distributed Deployment
  • 5.2.1.1. Objectives
  • 5.2.2. Distributed Deployment Overview
  • 5.2.3. ACS Operation Management
  • 5.2.4. ACS Deployment Structure
  • 5.2.5. Local Operations
  • 5.2.6. Distributed System Management
  • 5.2.7. Distributed Management Operations
  • 5.2.8. Replication Overview
  • 5.2.9. Distributed Management Operations
  • 5.2.10. Local Operations
  • 5.2.11. Log Collector
  • 5.2.12. Change Password Flow
  • 5.2.14. Lab 5-1 – Configuring ACS Distributed Deployment
  • 5.3. Lesson - System Administration
  • 5.3.2. Overview – System Administration
  • 5.3.3. Administrators
  • 5.3.4. Users
  • 5.3.5. Operations
  • 5.3.6. Configuration
  • 5.3.7. Downloads
  • 5.3.9. Lab 5-2 – Maintain ACS

Objectives and Pre-requisites

Course Objectives

  • Understand how the RADIUS and TACACS+ protocols operate and what purpose they serve
  • Be familiar with all present ACS Solutions, including ACS Express, ACS Enterprise, ACS on VMware and Appliances like the CSACS-1120 Series and CSACS-1121 Series Appliances
  • Main Components of ACS
  • How to install ACS 5.2
  • How to use a Setup Script
  • How Licensing works with the ACS
  • Understand how Attributes, Value Types and Predefined Values are used
  • The different types of AAA Clients and how they access Network Resources and AAA Clients
  • How to work with a Local Identity Store & Identity Store Sequence
  • Understand Users and Identity Stores
  • Configure an External Identity Store with LDAP
  • The fundamentals of LDAP
  • How to setup LDAP SSL
  • How to set up an External Identity Store with Active Directory
  • How to perform Authentication - Command Authorization - Accounting with TACACS
  • How to monitor and Troubleshoot ACS (AAA with TACACS+)
  • Replacing digital certificates self-signed by ACS using a local Certificate Authority
  • Introduction to IEEE 802.1x and EAP – Extensible Authentication Protocol
  • 802.1x and Windows XP
  • Single Host Authentication
  • 802.1x – Single Host Authentication
  • 802.1x Troubleshooting

Prerequisites

The knowledge and skills you must have before attending this course are as follows:

  • Cisco Certified Network Associate (CCNA) certification or the equivalent in knowledge and expe-rience
  • Working knowledge of the Microsoft Windows operating system

Though not mandatory, it is also recommended that you possess:

  • Implementing Cisco IOS Network Security (IINS) certification, or the equivalent in knowledge and experience

   
 
Classroom training
Duration: 3 days
Price: US$ ----
CLC: 23

 
Course Schedule:
Egypt, Cairo,  Jan 2015
Dubai,  Feb, 2015
Qatar, Doha, May 2015

 
   PDF
PDF of this course
                                                  
 

User Rating: 0 / 5

Star inactiveStar inactiveStar inactiveStar inactiveStar inactive
 
 Privacy Policy
Terms & Conditions