Implementing Cisco Secure Access Control System (ACS) v5.2 (ACS)

Fast Lane's Cisco Secure Access Control System (ACS) Version 5.2 course is a 3 day immersion into designing, implementing and troubleshooting Cisco's Secure ACS Solution.

The primary audience for this course is as follows:

• Security professionals, Security Architects, Security Engineers, and Network administrators responsible for securing their networks to assure authorized access only by authenticated users, with accounting of their activities.

The secondary audience for this course is as follows:

• Cisco channel partners who sell, implement, and maintain Cisco ACS Solutions
• Cisco engineers who support the sale of Cisco ACS solutions

The knowledge and skills that you must have before attending this course are as follows:

• Cisco Certified Network Associate (CCNA) certification or the equivalent in knowledge and experience
• Working knowledge of the Microsoft Windows operating system

Though not mandatory, you should also attend:

• Implementing Cisco IOS Network Security (IINS) certification or the equivalent in knowledge and experience

Upon completing the ACS 5.2 Course, you will be able to:

• Understand how the RADIUS and TACACS+ protocols operate and what purpose they serve
• Understand all present ACS Solutions, including ACS Express, ACS Enterprise, ACS on VMware and Appliances like the CSACS-1120 Series and CSACS-1121 Series Appliances
• Utilitze the Main Components of ACS
• Install ACS 5.2
• Use a Setup Script
• Understand how Licensing works with the ACS
• Understand how Attributes, Value Types and Predefined Values are used
• Understand the different types of AAA Clients and how they access Network Resources and AAA Clients
• Work with a Local Identity Store & Identity Store Sequence
• Understand Users and Identity Stores
• Configure an External Identity Store with LDAP
• Know the fundamentals of LDAP
• Set up LDAP SSL
• Set up an External Identity Store with Active Directory
• Perform Authentication - Command Authorization - Accounting with TACACS
• Monitor and Troubleshoot ACS (AAA with TACACS+)
• Replace digital certificates self-signed by ACS using a local Certificate Authority
• Describe IEEE 802.1x and EAP – Extensible Authentication Protocol including:
  • 802.1x and Windows XP
  • Single Host Authentication
  • 802.1x – Single Host Authentication
  • 802.1x Troubleshooting

This course teaches you how to provide secure access to network resources using the Cisco® Secure Access Control System (ACS) 5.2, interoperating with security features in Cisco’s IOS® Software. You will gain a thorough understanding of the operation of the Cisco Secure ACS to control access to network services and devices. Course subjects include the principles of authentication, to restrict user access to networks, services, and devices; authorization, to restrict the functions users can perform on services and devices; and accounting, to track the activities of users. The RADIUS, TACACS+, Extensible Authentication Protocol (EAP), and 802.1x protocols are discussed in theory and practice as the basis of network security. Specific methods and configurations are shown that can be used in your production networks to achieve targeted and detailed restrictions. The course includes hands-on labs to provide personal experience in configuring Cisco ACS and Cisco network devices.

You will be exposed to designing, implementing and troubleshooting “Triple A” services (authentication, authorization and accounting) using Cisco’s ACS and IOS technology. The benefits of this course are to be found in its real-world approach, putting you in the shoes of the consultant implementing these services. Many engineers will benefit from this course when they use the implementation plan and checklists included in this course during their own projects.