WISECURE – Securing Cisco Wireless Enterprise Networks
COURSE CONTENT
In Securing Cisco Wireless Enterprise Networks (WISECURE) you will learn how to secure Cisco wireless networks and gain a firm command of the critical guidelines for implementing Wi-Fi security architectures though proper configuration of Cisco wireless components. Via multiple hands-on labs, you will be able to practice key concepts and topics in deploying Cisco AireOS 8.0, Cisco Prime Infrastructure Release 2.2 and Cisco Identity Services Engine Release 1.3.
WHO SHOULD ATTEND
- Network engineers and technicians
- Test Engineers
- Network Designers, Administrators and Managers
- Mid-level Wireless Support Engineers
- Project Managers
Certifications: This course is part of the following certification track:
- Cisco Certified Network Professional Wireless (CCNP Wireless)
CERTIFICATIONS
This course is part of the following Certifications:
PREREQUISITES
CCNA Route & Switch certification and/or CCNA Wireless certification or completion of at least one of the following courses:
- Implementing Cisco Wireless Network Fundamentals (WIFUND)
- Interconnecting Cisco Network Devices Part 1, Version (ICND1)
- Interconnecting Cisco Network Devices Part 2, Version (ICND2)
In addition, It is recommended that you have a basic knowledge of the following:
- Cisco Prime Infrastructure
- Cisco ISE
- Metageek Channelizer Software
- Voice Signaling protocols
- Basic QoS
- Cisco Application Visibility Control
- LAN Switching
COURSE OBJECTIVES
Upon successful completion of this course, you will be able to:
- Identify and design security strategies in a Wi-Fi design
- Design and deploy Cisco ISE and management platforms
- Secure a Wi-Fi infrastructure
- Design and deploy End Point and Client security
- Design and deploy Wi-Fi access control
- Design and deploy advanced monitoring capabilities
FOLLOW ON COURSES
OUTLINE: Securing Cisco Wireless Enterprise Networks (WISECURE)
Module 1 Define Security Approaches in a Wi Fi Design
- Security Areas in a Wi-Fi Design
- Security Challenges for IT Organizations
- Security Approaches in Wi-Fi Designs
- Policy Enforcement
- Cisco Prime Infrastructure
- Cisco ISE/ISE as a Policy Platform
- Network Access Challenges and Secure Access Control
- Network Monitoring
- Prime Infrastructure Converged Approach and Security Dashboard
- Cisco ISE Dashboard and ISE Alarms
Module 2 Design and Deploy Endpoint and Client Security
- Defining Endpoint, Client Standards and Features
- X.509 v3
- PKI
- IEEE 802.1X
- EAP, EAP-TLS and PKI with EAP-TLS
- PEAP and PEAP Deployment
- EAP-FAST
- RADIUS
- Configure WPA and WPA2 in a Wi-Fi Environment
- Security Mobility and Roaming
Module 3 Design and Deploy Cisco ISE and Management Platforms
- Cisco Network Security Architecture
- User Access Trends
- Cisco ISE Architecture, Components and Licensing
- End Device Analysis with Cisco ISE Profiling
- Create Policies in Cisco ISE
- Configure Guest Access
- Cisco CMX Visitor Connect
- Secure BYOD/BYOD Management and Monitoring
- Cisco ISE and ISE GUI
Module 4 Secure Wi Fi Infrastructure
- Current Standards and Features
- Client and Infrastructure Mode and MFP
- MFP vs IEEE802.11w
- VLANs vs ACLs
- MFP Configuration
- IEEE 802.11w PMF
- Identity-Based Networking
- SMNPv3 in Wi-Fi environment
Module 5 Design and Deploy Wi Fi Access Control
- Wi-Fi access control standards and features
- ACLs and Firewall Functionality
- Configure ACLs in Wi-Fi environment
Module 6 Design and Deploy Monitoring Capabilities
- Threat and Interference Mitigation Approaches in Wi-Fi
- Primary Security Concerns
- Rogue Detection and Mitigation in Wi-Fi Environment
- Management, Monitoring and Configuring Parameters
- Cisco CleanAir
- Cisco Prime Infrastructure Air Quality Monitoring and Reporting
- Monitoring RRM
Labs:
- Configuring WPA2 Access
- Configuring 802.1X Access
- Configuring RADIUS Integration
- Configuring a Basic Access Policy
- Configuring Hotspot Guest Access
- CWA and Self-Registered Guest Operations
- Configuring Secure Administrative Access
- Configuring a Basic Authentication Policy for an AP
- Implementing Profiling
- Profiling and Device Onboarding
- Cisco ISE Profiling Reports
- Guest Reports
- Live Logs and Client 360 View
- Security Report Operations
- Using System Security Verification Tools