Change location 

Course Length Format
Select an option
Implementing the Cisco NAC Appliance (CANAC) v2.1 4 days Lecture/lab
Course outline

Module 1: The NAC Appliance Solution

Lesson 1: Introducing Cisco Self-Defending Networks

  • The Changing Landscape of Security
  • The Cisco Host-Protection Strategy
  • The Cisco SDN Initiative
  • Cisco NAC Products
  • Summary

Lesson 2: Introducing NAC Appliance

  • NAC Appliance Solution
  • NAC Appliance Components
  • NAC Appliance Platforms
  • NAC Appliance Local and Remote Compliance Scenarios
  • NAC Appliance Configuration Overview
  • The NAC Appliance User Interface

Lesson 3: In-Band and Out-of-Band Deployment Options

  • Cisco NAS Deployment Options
  • In-Band and Out-of-Band Deployment Options
  • NAC Appliance OOB Deployment
  • NAC Appliance In-Band Deployment
  • Cisco NAS Operating Modes

Module 2: Configuring Common NAC Appliance Elements

Lesson 1: Configuring User Roles

  • What Is a User Role?
  • Managing User Roles
  • Defining Traffic Policies for User Roles
  • Configuring Traffic Policies for User Roles
  • Creating Local User Accounts
  • Configuring User Session Timeouts
  • Configuring Guest Access

Lesson 2: Configuring External Authentication

  • Configuring External Authentication Providers
  • Authenticating Users Against Active Directory
  • Mapping Users to User Roles
  • Testing User Authentication
  • Configuring RADIUS Accounting for Users

Lesson 3: Configuring DHCP on the Cisco NAS

  • Cisco NAS DHCP Modes
  • Enabling the DHCP Module
  • Configuring IP Ranges
  • Working with Subnets
  • Reserving IP Addresses
  • Configuring User-Specified DHCP Options

Module 3: Implementing NAC Appliance

Lesson 1: Implementing NAC Appliance In-Band Deployment

  • In-Band Process Flow
  • In-Band Deployment Configurations
  • Configuring the Cisco NAS for In-Band Deployment
  • Adding the Cisco NAS to the Managed Domain
  • Configuring the Cisco NAS Interfaces
  • Adding Managed Subnets
  • Configuring Cisco NAS VLAN Settings

Lesson 2: Implementing the Cisco VPN Single Sign-On Feature on the NAC Appliance

  • Introducing the NAC Appliance for Cisco VPN Concentrators
  • Introducing Single Sign-On Support
  • Configuring the NAC Appliance for VPN Concentrator Integration

Lesson 3: Implementing NAC Appliance Out-of-Band Deployment

  • OOB Process Flow
  • OOB Deployment Considerations
  • Adding an OOB Cisco NAS to the Cisco NAM
  • Implementing Cisco NAS OOB Operating Modes
Course labs

Prepare the Cisco NAM to Support Web-Based Administration Console Configuration
Configure User Roles
Adding an In-Band Virtual Gateway Cisco NAS to the Cisco NAM
Configure the Cisco VPN Single Sign-On Feature on the NAC Appliance
Configure Network Scanning
Configure Cisco NAA
Configure an HA In-Band VPN
Adding an OOB Virtual Gateway Cisco NAS to a HA NAC Appliance Deployment
Configure SNMP, Switch, and Port Profiles

CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners.