Opleidingen

Opleiding: Cisco DoD Comply-to-Connect [C2C]

OVERVIEW

The Cisco DoD Comply-to-Connect (C2C) training teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

This course is worth 32 Continuing Education (CE) Credits

OBJECTIVES

After completing this course you should be able to:

  • Define DoD C2C, including its steps and alignment with ISE features/functions and Zero Trust 
  • Describe Cisco Identity-Based Networking Services 
  • Explain 802.1X extensible authentication protocol (EAP) 
  • Configure devices for 802.1X operation 
  • Configure access for non-supplicant devices 
  • Describe the Cisco Identity Services Engine 
  • Explain Cisco ISE deployment 
  • Describe Cisco ISE policy enforcement concepts 
  • Describe Cisco ISE policy configuration 
  • Explain PKI fundamentals, technology, components, roles, and software supplicants 
  • Troubleshoot Cisco ISE policy and third-party network access device (NAD) support 
  • Describe Cisco ISE TrustSec configurations 
  • Describe the Cisco ISE profiler service 
  • Describe profiling best practices and reporting 
  • Configure endpoint compliance 
  • Configure client posture services 
  • Configure Cisco ISE device administration 
  • Describe the four main use cases within C2C

 

AUDIENCE

Individuals seeking the knowledge and skils involved in deploying, operating, and verifying Cisco DoD Compy-to-Connect program

CERTIFICATION

Recommended as preparation for the following exams;

  • There are no exams currently linked to this course

CONTENT

C2C Fundamentals

  • Comply to Connect
  • From C2C to ZTA
  • Steps to Implement C2C

Cisco Identity-Based Networking Services

  • Cisco IBNS Overview
  • AAA Role in Cisco IBNS
  • Compare Cisco IBNS and Cisco ISE Solutions
  • Explore Cisco IBNS Architecture Components

Configure Access for Non-Supplicant Devices

  • Configure Cisco IBNS for Non-Supplicant Devices
  • Explore IBNS 2.0 for Non-Supplicant Devices
  • Configure Cisco Central Web Authentication for Guests

Introducing Cisco ISE Architecture

  • Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Use Cases
  • Cisco ISE Functions

Introducing Cisco ISE Deployment

  • Cisco ISE Deployment Models
  • Cisco ISE Licensing and Network Requirements
  • Cisco ISE Context Visibilty Features
  • New Features in Cisco ISE3.x

Introducing Cisco ISE Policy Enforcement Components

  • 802.1X for Wired and Wireless Access
  • MAC Authentication Bypass for Wired and Wireless Access
  • Identity Management
  • Active Directory Identity Source
  • Additional Identity Sources
  • Certificate Services

Introducing Cisco ISE Policy Configuration

  • Cisco ISE Policy
  • Cisco ISE Authentication Rules
  • Cisco ISE Authorization Rules

PKI and Advanced Supplicants

  • Public Key Infrastructure
  • TEAP in Comply to Connect (C2C)
  • Secure Client ISE Features and Configuration for C2C

Introducing the Cisco ISE Profiler

  • Web Access with Cisco ISE
  • ISE Profiler Overview
  • Cisco ISE Probes
  • Profiling Policy
  • Custom Attributes in Profiler

Introducing Cisco ISE Endpoint Compliance Services

  • Endpoint Compliance Services Overview

Configuring Client Posture Services and Compliance

  • Client Posture Sevices and Provisioning Configuration

Introducing Profiling Best Practices and Reporting

  • Profiling Best Practices

C2C Use Cases

  • Cisco CX ISE Reporting Tool
  • ISE Reporting
  • ISE Hardening
  • Profiling Best Practices for C2C

Troubleshooting Cisco ISE Policy and Third-Party NAD Support

  • Cisco ISE Third-Party Network Access Device Support
  • Troubleshooting Cisco ISE Policy Configuration

Exploring Cisco TrustSec

  • Cisco TrustSec Overview
  • Cisco TrustSec Enhancements
  • Cisco TrustSec Configuration

Working with Network Access Devices

  • Reviewing AAA
  • Cisco ISE TACACS+ Device Administration
  • Configuring TACACS+ Device Administration
  • TACACS+ Device Administration Guidelines and Best Practices

Labs:

  • Discovery Lab 1: Configure Initial Cisco ISE Configuration and System Certificate Usage 
  • Discovery Lab 2: Integrate Cisco ISE with Active Directory 
  • Discovery Lab 3: Configure Cisco ISE Policy for MAB 
  • Discovery Lab 4: Configure Cisco ISE Policy for 802.1X 
  • Discovery Lab 5: TEAP on Windows 
  • Discovery Lab 6: Configure Profiling 
  • Discovery Lab 7: Customize the Cisco ISE Profiling Configuration 
  • Discovery Lab 8: Configure Cisco ISE Compliance Services 
  • Discovery Lab 9: Configure Client Provisioning 
  • Discovery Lab 10: Configure Posture Policies 
  • Discovery Lab 11: Test and Monitor Compliance-Based Access
  • Discovery Lab 12: Create Cisco ISE Profiling Reports
  • Discovery Lab 13: DISA Reports
  • Discovery Lab 14: Certificate-Based Authentication for Cisco ISE Administration
  • Discovery Lab 15: Configure Cisco TrustSec 
  • Discovery Lab 16: Configure Cisco ISE for Basic Device Administration 
  • Discovery Lab 17: Configure Cisco ISE Command Authorization
Meer...
€2.995
ex. BTW
Aangeboden door
Global Knowledge Network Netherlands B.V.
Onderwerp
Cisco
Niveau
Looptijd
5 dagen
Taal
nl
Type product
cursus
Lesvorm
Klassikaal
Aantal deelnemers
Max: 16
Tijdstip
Overdag
Tijden en locaties
VIRTUAL TRAINING CENTER
ma 17 mrt. 2025
VIRTUAL TRAINING CENTER
ma 8 sep. 2025
Keurmerken aanbieder
Cedeo
CRKBO en BTW-vrijstelling
VOI
EXIN
ISO register
Microsoft Learning Partner
VMWare Partner
Oracle Education Partner
AgilePM - Agile Project Management (APMG)
ASL