This course teaches you how to provide secure access to your network using the Cisco® Secure Access Control Server (ACS) Release 4.2 and to monitor and generate reports with ACS View. You will gain a thorough understanding of the operation of the Cisco Secure ACS to control access to network services and devices. Course subjects include the principles of authentication, to restrict user access to networks, services, and devices; authorization, to restrict the functions users can perform on services and devices; and accounting, to track the activities of users. The RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols are discussed in theory and practice as the basis of network security. Specific methods and configurations are shown that can be used in your production networks to achieve targeted and detailed restrictions. The course includes hands-on labs to provide personal experience in configuring the Cisco ACS and ACS View and Cisco network devices.

Course Objectives
Upon completion of this course, you should be able to:
Describe the importance of network access security needs and challenges associated with a network
Understand the features, functions, and benefits of the Cisco Secure ACS and ACS View
Integrate Cisco Secure ACS with external user databases, such as Windows Active Directory
Configure Cisco Secure ACS and Cisco IOS® Software to implement AAA features for typical scenarios: VPN remote access, wired/wireless 802.1x network access, and device administration access
Effectively use Cisco Secure ACS to:
Control access to the network and to network services by remote VPN, wireless, or wired users
Control the authority to perform specific functions
Record and audit the activity of users on the network and on services
Effectively use Cisco Secure ACS View to:
Collect and consolidate ACS server logs and configuration data
Generate access, system, and entitlement reports as well as custom and favorite reports
Schedule (dialy/weekly/monthly) reports in HTML, PDF, and CSV formats
Monitor ACS system health
Create real-time thresholds on specified conditions and monitor/forward alerts

Course Outline

The course outline is as follows:
Module 1: Introduction
Access Control in the Network
AAA Concepts/Technology
Cisco Secure ACS/ACS View Product Overviews
Module 2: Getting Started
ACS Server Installation and Initial Configuration
ACS View Installation and Initial Configuration
Module 3: Network Access Scenarios
Remote VPN Access Scenarios
Wired/Wireless 802.1x Scenario
Module 4: Device Administration Scenarios

Securing Device Administration using Network Access Restrictions (NAR)
Securing Device Administration Using Privilege Levels and CLI View
Securing Device Administration Using Command Authorization Sets
Module 5: Other Deployment Topics
Scalability and Performance
Database Replication

Lab Outline

The lab outline is as follows:
Module 2: Getting Started
Lab 2-1: ACS Windows Installation and ACS View Appliance Setup
Lab 2-2: Administering the ACS Windows Server
Lab 2-3: Administering the ACS View Server
Module 3: Network Access Scenarios
Lab 3-1: Network Conguration (RADIUS)
Lab 3-2: Remote Access (VPN) Profile
Lab 3-3: Network Configuration (802.1x)
Lab 3-4’ Wired/Wireless 802.1x Profile
Module 4: Device Administration Scenarios
Lab 4-1: Network Conguration (TACACS+)
Lab 4-2: Network Access Restrictions
Lab 4-3: Command Authorization Sets