دانلود ویدئو آموزشی Cisco CCNP Security 300-208 SISAS

دوره CCNP Security گواهینامه ای است که بطور اخص برای امنیت شبکه سیسکو در روترها، سوئیچ ها، دستگاهها و وسایل شبکه همراه با انتخاب، گسترش، پشتیبانی و عیب یابی فایروال ها، VPNs و راه حلهای IDs/IPS در محیط های شبکه می باشد.در دوره CCNP Security نحوه پیاده سازی ویژگی های امنیتی روترها و سوئیج ها شامل Zone based Firewall، Cisco IOS IPS و UserBased Firewall به دانشجویان آموزش داده خواهد شد. در پایان این دوره دانشجویان به تنظیم امنیت، Firewall ،VPN و IPS بر روی انواع روتر و سوئیچ های سیسکو خواهند بود. دوره CCNA Security شامل مباحث زیر می باشد:

• (Implementing Cisco Secure Access Solutions (SISAS با شماره امتحان 208-300
• (Implementing Cisco Edge Network Security Solutions (SENSS با شماره امتحان 206-300
• (Implementing Cisco Secure Mobility Solutions (SIMOS با شماره امتحان 209-300
• (Implementing Cisco Threat Control Solutions (SITCS با شماره امتحان 207-300

این دوره پیاده سازی راه حلهای دسترسی ایمن (SISAS) است که بخشی از برنامه ی آموزشی CCNP است. هدف دوره ارائه دانش بنیادی و تواناییهای پیاده سازی و مدیریت دسترسی امن شبکه با استفاده از محصولات ISE سیسکو به دانشجویان می باشد. دانشجو تجربه عملی با تنظیمات پیشرفته راه حل های امنیتی گوناگون سیسکو برای کاهش تهدیدات خارج و تامین امنیت دستگاه های متصل به شبکه به دست خواهد آورد. در پایان دوره، دانشجو قادر خواهد بود خطرات احتمالی به زیر ساخت IT را کاهش دهد و پشتیبانی عملی و کنترل دسترسی به شبکه را ارائه کند.

Cisco CCNP Security 300-208 SISAS

Year: 2014
Manufacturer: CBT Nuggets
Manufacturer Website: https://www.cbtnuggets.com/
Author: Keith Barker
Duration: 5:32:00
Type of material dispensed: Video Tutorial
English language
Description: This Implementing Cisco Secure Access Solutions (SISAS) (300-208) video training course addresses the concepts and implementation of secure access using 802.1X and Cisco Identity Services Engine (ISE). Topics covered include certificates, MAC authentication Bypass (MAB), AnyConnect Network Access Manager (NAM), active directory integration, authentication and authorization policies, profiling, posturing, MACsec, TrustSec, Sponsor Portals, BYOD, and more.
Recommended skills
CCNA Route / Switch and CCNA Security certification (or equivalent knowledge and skills)
Knowledge of Microsoft Windows
CCNA Security is a pre-requisite for the CCNP Security certification
Recommended equipment:
Switch
Windows AD
Identity Services Engine (ISE)
AnyConnect suite (NAM and profile editor)
1 or more PCs to connect to switch

Related certifications:
CCNP Security. This course (SISAS exam # 300-208) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP © Security) certification
Related job functions:
Network engineer
Network technician
Network designer
Security analyst
Security auditor
Penetration tester
Security architect
Technical manager
The focus of this course is to assist you in learning how to implement and manage network access security using Cisco Identity Services Engine (ISE) and 802.1x solutions. The CCNA Wireless course is highly recommended as wireless access can be closely integrated with ISE.

Content
1. Course Introduction (3 min)
In this Nugget, Keith welcomes you to the course and shares some tips on how you can get the most from this course.
2. ISE, ISE, Baby (24 min)
The Identity Services Engine (ISE) is a AAA server that can be used for centralized authentication, authorization, and accounting including 802.1x services. In this Nugget, Keith walks you through the configuration required to communicate between an ISE server and a switch acting as a RADIUS client.
3. 802.1x Wired (40 min)
Building on the RADIUS between the switch and the ISE server, we can configure 802.1x port-based authentication and authorization on the switch. In this Nugget, Keith demonstrates the configuration and verification of 802.1x using a native Windows supplicant.
4. CA Certificates (19 min)
Using the Public Key Infrastructure (PKI) and a CA that is already trusted by browsers, we can install a CA assigned identity certificate on our ISE server for the benefit of client verification of the ISE server. In this Nugget, Keith demonstrates how to install the root CA cert and a CA-signed ISE identity certificate on the ISE server.
5. 802.1X MAB (27 min)
MAC Authentication Bypass (MAB) can be used to authenticate devices that do not have a supplicant. In this Nugget, Keith walks you through MAB concepts, along with a demonstration of configuration and verification of MAB.
6. AnyConnect Supplicant (18 min)
The Network Access Manager (NAM) portion of AnyConnect can act as an 802.1x supplicant. In this Nugget, Keith shows you how to install and use NAM, along with an introduction to Cisco’s profile manager.
7. ISE and AD (31 min)
ISE can leverage Microsoft’s AD and the existing users there for 802.1x authentication. In this Nugget, Keith explains and demonstrates ISE and AD integration, including verification and troubleshooting.
8. Authorization Profiles (36 min)
In this Nugget, Keith walks you through the concepts, configuration, and verification of customized authorization profiles. AD user and computer authentication requirements and AD group membership for 802.1x authentication also are demonstrated in this video.
9. Web-Based User Authentication (31 min)
When a supplicant is not running and there is not a MAB entry for a MAC address, we can still authenticate a user by redirecting the user web traffic to a portal on the ISE server to allow the user to authenticate via a Web interface ( WebAuth). In this Nugget, Keith explains, demonstrates, and verifies WebAuth. The switch configuration is available in the NuggetLab files for this course.
10. What is Posture? (7 min)
In this Nugget, Keith introduces you to the concept of posture and compliance checking using ISE.
11. Preparing ISE for NAC Provisioning (6 min)
ISE does not have updated NAC agents or posture information by default. In this Nugget, Keith walks you through how to update both of these on an ISE server.
12. Provisioning NAC agents from ISE (13 min)
This Nugget covers the policies and profiles used to provision clients with NAC agents from the ISE server.
13. Posture Compliance (13 min)
In this Nugget, Keith explains and demonstrates the implementation and verification of a posture policy using ISE and the NAC agent.
14. Profiling Endpoints (12 min)
In this Nugget, Keith explains the benefits and methods used to profile endpoints in a network managed via ISE.
15. What are MACsec and TrustSec? (6 min)
In this Nugget, Keith walks you through the concepts of MACsec and TrustSec, along with the benefits they can provide.
16. Implement TrustSec (10 min)
In this Nugget, Keith walks you through an example of configurations required on Identity Services Engine (ISE), and a Network Access Device (NAD) to implement Security Group Tag (SGT) -based Security Group Access Control Lists (SGACLs). The switch configurations used are in the NuggetLab files for this course.
17. ISE Personas (4 min)
ISE functions such as administration, policy service, monitoring, and inline posturing are referred to as personas. These functions can be implemented in a distributed ISE environment for fault tolerance and better performance. This Nugget describes those concepts.
18. Sponsor Portal Concepts (5 min)
This Nugget describes the concept of a sponsor portal to allow the receptionist to set up guest network access for users.
19. Implement an ISE Sponsor Portal (7 min)
In this Nugget, Keith shows you how to set up a Sponsor Portal on an ISE server.
20. BYOD (4 min)
In this Nugget, Keith talks with you about the Bring Your Own Device (BYOD) concept, and shares some ideas about how new computing devices could be on-boarded into an ISE environment.
21. Final Thoughts for SISAS (3 min)
In this Nugget, Keith shares some tips about preparing for the real world, as well as certification if that is your goal.