Download PDF
of this course

CS-ACS - Cisco Secure Access Control System (CS-ACS)

  • Overview
  • Who Should Attend
  • Certifications
  • Prerequisites
  • Objectives
  • Content
  • Schedule
Course Overview

Course Duration: 3 Days.
CS-ACS - Cisco Secure Access Control System - This course uses typical network access and device administration scenarios to teach students how to provide and monitor secure access to their network using the Cisco® Secure Access Control System v5.x. The classroom scenarios highlight how to use the ACS servers to secure and monitor wired/wireless 802.1x network access and device administration access.
The course lecture and extensive hands-on lab exercises include the principles of authentication, authorization, and accounting (AAA); RADIUS; TACACS+; Extensible Authentication Protocol (EAP); and 802.1x protocols.

Who Should Attend

  • Network administrators and operators
  • System administrators

Course Certifications

This course is part of the following Certifications:

Prerequisites

  • Understanding of TCP/IP networking
  • Standard AAA security concepts and terminology
  • Basic understanding of security challenges facing networks
  • Basic Microsoft Windows system administration
  • Basic Cisco router and switch configuration (CCNA® certification equivalent)
  • Internet web browser use

Course Objectives

  • Describe the importance of network access security and the security needs and challenges associated with a network
  • Understand the features, functions, and benefits of Cisco Secure ACS v5.x
  • Understand the considerations when deploying Cisco Secure ACS servers (centralized or distributed environment)
  • Integrate Cisco Secure ACS with external user databases, such as LDAP and Windows Active Directory
  • Configure Cisco Secure ACS with certificate authorities
  • Configure Cisco Secure ACS and Cisco IOS® Software for AAA services
  • Effectively use Cisco Secure ACS to:
    • Control access to the network and to network services
    • Restrict access to network devices to authorized network administrators or programmatic interfaces for device administration
    • Control the administrator's authority to perform specific functions
    • Record and audit the activity of users on the network and on services
  • Effectively use Cisco Secure ACS’s reporting, monitoring, and troubleshooting features to:
    • Collect and consolidate ACS server logs and configuration data
    • Generate access, system, and entitlement reports as well as customize favorite reports
    • Monitor ACS system health
    • Create real-time thresholds on specified conditions and monitor/forward alerts
    • Troubleshoot AAA services and protocols

Course Content

Module 1: Identity Management Solution Overview
  • Reviewing Identity Management
  • Understanding Borderless Security
Module 2: Product Overview and Initial Configuration
  • Reviewing RADIUS and TACACS+
  • Reviewing Cisco Secure ACS v5.x
  • Installing Cisco Secure ACS v5.x
  • Understanding Cisco Secure ACS Attributes and Dictionaries
  • Adding Network Devices to Cisco Secure ACS
  • Configuring Identity Stores and Identity Sequence
Module 3: Advanced Cisco Secure ACS Configuration and Device Management
  • Configuring LDAP External Identity Store
  • Configuring Active Directory External Identity Store
  • Configuring AAA with TACACS+
  • Understanding Cisco Secure ACS with Certificate Authority
  • Monitoring, Reporting, and Troubleshooting AAA
Module 4: IEEE 802.1x with Cisco Secure ACS v5.x
  • Introducing IEEE 802.1x
  • Reviewing IEEE 802.1x Policy Elements (RADIUS)
  • Configuring IEEE 802.1x and Windows XP, Vista, and 7
  • Configuring IEEE 802.1x with Cisco Secure Services Client (SSC)
  • Using IEEE 802.1x Port-Based Authentication
  • Troubleshooting IEEE 802.1x
Module 5: System Operations
  • Configuring Distributed Deployment
  • Configuring Cisco Secure ACS System Administration Features
Lab Outline:
Module 2: Cisco Secure ACS Initial Configuration
  • Lab 2-1: Cisco Secure ACS Postinstallation
  • Lab 2-2: Define and Configure AAA Clients
  • Lab 2-3: Local ACS Identity Store
Module 3: Advanced Cisco Secure ACS Configuration and Device Management
  • Lab 3-1: Remote Identity Store (Active Directory)
  • Lab 3-2: Configure Command Authorization
Module 4: IEEE 802.1x with Cisco Secure ACS
  • Lab 4-1: Configure 802.1x Authentication with EAP-FAST
  • Lab 4-2: Configure 802.1x VLAN Assignments
Module 5: System Operations
  • Lab 5-1: Distributed Deployment

Course ID: CS-ACS


Show Schedule for 1 Month  3 Months  All 
Date Country Location Register