$3,595.00 Cisco Learning Credits/Vouchers Accepted

Legend

Register for class 6 weeks prior to start date, and receive either an Amazon eGift Card for up to $250 OR 10% off your course!

Enter coupon code: earlybird(gift card) OR earlybird-10(10% off)

Need training for a group? TechSherpas 365 offers private, customized Onsite TrainingContact us for details/quotes.

ICLIn-Classroom Learning VLTVirtual Live Training GTRClass is guaranteed to Run
SATVMicrosoft Software Assurance Training Vouchers CLCCisco Learning Credits/Vouchers ODLOn-Demand Learning
Location Start date End Date Class Times Class Details Action
No class dates currently scheduled. Click here to request a date

Overview

Description

The goal of the course is to provide students information to secure Cisco wireless networks. The course provides guidelines for implementing Wi-Fi security architectures through proper configuration of Cisco wireless components. WISECURE provides students hands-on labs to reinforce concepts. Concepts taught include deploying Cisco AireOS 8.0, Cisco Prime Infrastructure Release 2.2, and Cisco Identity Services Engine Release 1.3 features. 

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

  • Windows 7 or 8.1 or 10 is recommended. Mac OSX 10.6 or greater is supported as well.
  • Intel Celeron or better processors are preferred.
  • 1 GB or more of RAM
  • Browser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
  • All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine’s capabilities.
  • If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client.
  • If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.

Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptop PC and/or a compatible iPad or Android tablet. The recommended system requirements and instructions to access the course kit content can be found at the following link: Digital Course Kit Requirements and Instructions

Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.

If you have any questions or issues with meeting the requirements listed above, please contact us at [email protected] and provide the class name to which you are attending and we will be more than happy to help.

Prerequisites

The knowledge, skills, and attitudes that a learner is expected to have before attending this course are as follows:

  • CCNA� R&S certification
  • CCNA� Wireless certification

It is also recommended that learners considered for this training have a basic knowledge of the following:

  • Cisco Prime Infrastructure
  • Cisco ISE
  • Metageek Channelizer Software
  • Voice Signaling Protocols
  • Basic QoS
  • Cisco Application Visibility Control
  • LAN switching

Description

Module 1: Define Security Approaches in a Wi-Fi Design
Objective: Define security approaches in a Wi-Fi design

Lesson 1: Defining Security Areas in the Wi-Fi Design
Objective: Identify common security issues influencing modern Wi-Fi designs
This lesson includes these topics:

  • Security Challenges for IT Organizations
    • Objective: Summarize the common security issues influencing modern Wi-Fi designs
    • Device Support
    • Security and Usage Policy
    • Device Visibility
    • Protecting Corporate Data
    • Revoke Access
    • IT Management Problems in a Post-PC Era
    • Modern Wi-Fi Security Concerns
    • Advantages of a Comprehensive BYOD Approach
    • Shift to BYOD: Device Diversity Is a Big IT Challenge
    • Network Access: The Problem
    • How Can IT Control Access to the Network?
    • AAA Solution
    • Compliance Regulations
    • Trends in Regulatory Compliance
    • Compliance Regulations
    • Data Breach Notification Goes Global
    • Need for a Security Policy
    • Security Policy Users
    • Components of a Comprehensive Security Policy
    • Governing Policy
    • Technical and End-User Policies
    • Standards, Guidelines, and Procedures
    • Security Policy Responsibilities
    • Security Awareness

Lesson 2: Describing Security Approaches in Wi-Fi Designs
Objective: Explore the many aspects of defining a security architecture within a Wi-Fi design
This lesson includes these topics:

  • Wi-Fi Network Security Objectives
    • Objective: Define the goals of a security design within both wired and Wi-Fi environments
    • Basic Security Assumptions
    • Basic Security Requirements
    • Risk: Motivation Meets Opportunity
    • Evolution of Intent
    • Information Security Realities: Trends
    • Communication Security Challenges: Mobility, Emerging Threats, and Compliance
  • Policy Enforcement for Users and Devices
    • Objective: Explore the components required to establish a typical corporate user and device policy
    • Cisco Lightweight Access Points
    • Wireless Controller
    • Cisco ISE
    • Cisco Prime Infrastructure
    • Cisco ISE
    • Cisco ISE Technologies
    • Cisco ISE as a Policy Platform
    • Simplified Onboarding for BYOD
    • Guest Access Needs
  • Describe Network Access Challenges
    • Objective: Discuss typical security challenges at the access point
    • Categorizing Wireless Vulnerabilities
    • Rogue APs and Clients
    • Rogue APs (Malicious)
    • Denial of Service
    • Over-the-Air Attacks
    • Internet of Things
    • IoT Addressable Market Estimate: $26.9 Billion by 2016
  • Describe Security Architecture Design Principles
    • Objective: Explore common security architecture design principles and their impact on the Wi-Fi design
    • What Is Defense in Depth?
    • 802.1X and EAP
    • Protection of Management Frames
    • Guest Access via Anchor Controller
    • Component Functions in a wIPS Deployment
    • Implementing AAA
  • Describe Secure Access Control
    • Objective: Provide an overview of concepts and systems required to secure access control within the Wi-Fi design
    • Secure Access Solution Portfolio
    • Authentication
    • Authorization
    • Accounting
    • Change of Authorization
    • Identity Sources
    • RADIUS
    • TACACS+
  • Describe Network Monitoring
    • Objective: Introduce the management systems available within the Cisco Wi-Fi environment that can be leveraged during design, deployment and operation
    • Cisco Prime Infrastructure Converged Approach
    • Cisco UWN Hierarchy
    • Cisco Prime Infrastructure Security Dashboard
    • Security Index
    • Rogue Monitoring
    • Alarm Summary
    • Rogue Details
    • Cisco ISE Dashboard
    • Cisco ISE Dashboard Navigation
    • Cisco ISE Alarms
    • Cisco ISE Alarms: Misconfigured Network Device Detected

Module 2: Design and Deploy End Point and Client Security
Objective: Describe how to design and deploy end point and client security

Lesson 1: Defining Endpoint and Client Standards and Features
Objective: Describe industry standards and features associated with secure mobility and roaming
This lesson includes these topics:

  • Describe Standards and Features
    • Objective: Describe the standards and features
    • Authentication
    • Authenticating Devices vs. Users
    • Open Authentication
    • Encryption
    • Symmetric and Asymmetric Encryption
    • Individual Keys
    • Common Keys
    • Asymmetric Encryption Algorithms
    • Asymmetric Confidentiality Process
    • Asymmetric Authentication Process
    • Rivest, Shamir, and Adleman
    • Digital Signature
    • RSA Digital Signatures
    • Trusted Third Party
    • Trusted Third-Party Protocols
    • Trusted Third-Party Example
    • Certificates
    • X.509 Version 3
    • Public Key Infrastructure
    • PKI Terminology and Components
    • Authentication Using Certificates
    • PKI in the WLAN
    • Using PKI in the WLAN
    • Wireless Threats
    • Wireless IDS
    • IEEE 802.1X
    • IEEE 802.1X over Wireless
    • 802.1X, EAP, and the AAA Relationship
    • Unique Encryption Keys
    • EAP Process
    • EAP Frame Format
    • EAP-TLS Authentication Overview
    • EAP-TLS Trust Model
    • PKI with EAP-TLS
    • PEAP Authentication Overview
    • PEAP Session Key: Phase 1
    • PEAP Session Key: Phase 2
    • PEAP Deployment
    • EAP-FAST Authentication Overview
    • EAP-FAST PAC Creation
    • EAP-FAST Session Key
    • EAP Comparison
    • RADIUS
    • Local EAP Authentication
    • Secure Access Control
    • Security Policy Management and Control Platform
    • Review of Wi-Fi Security Methods
    • WPA2 and IEEE 802.11i
    • IEEE 802.11i and AES Encryption
    • WPA, WPA2, and 802.11i Comparison
    • WPA2 Authentication Modes
    • Review WPA 2 Authentication Process
    • Review WPA2 Key Management
    • WPA2 Authentication Modes
    • WPA2 Strengths and History
    • WPA2 and CCMP Issues
    • WPA2 GCMP Advantages
    • 802.11i WPA2 Key Hierarchy
    • Authentication on Native Client Devices
  • Configure WPA2 and EAP
    • Objective: Configure WPA2 and EAP in a Wi-Fi environment
    • WPA2 Personal Implementation on Cisco AireOS WLC
    • WPA and WPA2 Personal Authentication Implementation in Cisco IOS XE WLC GUI
    • WPA and WPA2 Personal Authentication Implementation: Autonomous AP
    • WPA and WPA2 Enterprise Authentication Implementation: Cisco AireOS WLC
    • WPA and WPA2 Enterprise Authentication Implementation: Cisco IOS XE WLC
    • WPA and WPA2 Enterprise Authentication Implementation: Autonomous AP
    • Implementing Local EAP Authentication on Cisco WLC
    • EAP-FAST Parameters
    • Implementing Local EAP Authentication on FlexConnect AP
    • Local EAP Authentication on Autonomous AP
    • External RADIUS Server on Cisco AireOS WLC
    • External RADIUS Server on Cisco IOS-XE WLC
    • External RADIUS Server on FlexConnect
    • External RADIUS Server on Autonomous AP
  • Describe Security Mobility and Roaming
    • Objective: Describe security mobility and roaming
    • Typical Scanning Behavior
    • Cisco Compatible Extensions Client Roam Triggers
    • Cisco Compatible Extensions Channel Scanning: AP-Assisted Roaming
    • Cisco Compatible Extensions Channel Scanning: Enhanced Neighbor List
    • Cisco Compatible Extensions Channel Scanning: Enhanced Neighbor List Request
    • Cisco Compatible Extensions Channel Scanning: Directed Roam Request
    • IEEE 802.11k: Radio Resource Management
    • IEEE 802.11v: Wireless Network Management
    • Evaluating the AP List
    • Authentication Choreography
    • Fast Secure Roaming: History
    • EAP Types Supported by Cisco CKM
    • IEEE 802.11r: Fast BSS Transition
    • Fast BSS Transition Initial Mobility Domain Association
    • Over-the-Air Fast BSS Transition
  • Configure a Mobility Environment with WPA2 and EAP
    • Objective: Configure WPA2 and EAP for mobility in a Wi-Fi environment
    • Configure 802.11r Cisco on AireOS WLC
    • Implementing 802.11r on Cisco IOS XE WLC
    • IEEE 802.11r Mixed-Mode Support
    • Mixed-Mode Configuration
    • Implementing IEEE 802.11k
  • Guided Lab 1: Configure WPA2 Access
    • Objective: Configure WPA2 access on the controller to support endpoints
    • Activity Objective
    • Topology
    • Task 1: Verify Client Setup for Testing Client Access (Optional)
    • Task 2: Configure Required Interfaces
    • Task 3: Configure WLANs
    • Task 4: Configure a Local Network User on the WLAN Controller
    • Task 5: Configure Local EAP on the Controller
    • Task 6: Configure the Employee WLAN for Local EAP on Both Controllers
    • Task 7: Configure the Windows Supplicant
  • Guided Lab 2: Configure 802.1X Access
    • Objective: Configure NADs for 802.1X and for communication with Cisco ISE
    • Activity Objective
    • Topology
    • Task 1: Configure NADs for Cisco ISE

Module 3: Design and Deploy Cisco ISE and Management Platforms
Objective: Describe how to design and deploy Cisco Identity Services Engine (ISE) in Wi-Fi network

Lesson 1: Cisco Network Security Architecture
Objective: Describe recommended security architectures in Wi-Fi network
This lesson includes these topics:

  • Describe User Access Trends
    • Objective: Describe user access trends
    • How Do I Control Access to the Network?
    • Security Challenges for IT Organizations
  • Cisco ISE Architecture, Components, and Licensing
    • Objective: Describe Cisco ISE architecture, components, and licensing
    • Security Policy Management and Control Platform
    • Cisco ISE Nodes and Personas
    • Cisco ISE Nodes, Personas, and Roles
    • Network Access Device
    • Cisco ISE Licensing
    • Cisco ISE Appliances
    • VM Requirements
    • Installing Cisco ISE

Lesson 2: Profiles and Policies
Objective: Explain end device analysis with Cisco ISE profiling and create policies in Cisco ISE
This lesson includes these topics:

  • Describe End Device Analysis with Cisco ISE Profiling
    • Objective: Explain end device analysis with Cisco ISE profiling
    • Cisco ISE Profiler
    • Profiling Policies
    • Profiling Flow
    • Cisco ISE Probes
    • Device Sensor
  • Create Policies in Cisco ISE
    • Objective: Create policies in Cisco ISE
    • Considerations for Defining Policy Elements
    • Cisco ISE Workflow
    • Authentication in Cisco ISE
    • Rule-Based Authentication Policies
    • Useful Authentication Attributes
    • Authentication Policy Example
    • Authorization in Cisco ISE
    • Authorization Policy Rules
    • Identity Groups
    • Other Authorization Conditions
    • Authorization Profiles
    • Authorization Policy Example
    • Change of Authorization
    • Policy Sets

Lesson 3: Guest Access
Objective: Configure guest access and describe Cisco CMX Visitor Connect
This lesson includes these topics:

  • Configure Guest Access
    • Objective: Configure guest access
    • Wireless Guest DMZ Networks
    • Cisco Unified and Converged Access Wireless Guest Networks
    • Defining the Guest User
    • Guest User Role-Based Policies
    • Guest User Databases
    • Identity Stores and Attribute Sources
    • Guest User Database: Account Creation Method
    • How Does Guest Account Creation Work?
    • Guest Provisioning Services
    • Comparison of Central versus Local WebAuth
    • Central Web Authentication
    • Cisco ISE URL Redirection
    • Requirements for Configuring CWA
    • Wireless CWA Configuration
    • Cisco ISE Authentication Configuration
  • Describe Cisco CMX Visitor Connect
    • Objective: Describe Cisco CMX Visitor Connect
    • Visitor Connect Options
    • Common Visitor Connect Configuration

Lesson 4: Secure BYOD
Objective: Describe the secure BYOD solution
This lesson includes these topics:

  • Configure BYOD
    • Objective: Configure BYOD
    • Advantages of Cisco BYOD Solution
    • Cisco Solution Components
    • Onboarding
    • Device Authentication for BYOD
    • Cisco ISE: Authentication and Authorization Policies Supporting BYOD
    • Single or Dual SSID in BYOD
    • Onboarding and Provisioning
    • Onboarding: Supplicant Provisioning
    • Client Provisioning
    • BYOD Configuration
    • BYOD Authentication: CWA and IEEE 802.1X Use Cases
    • My Devices Portal
    • Cisco ISE: Device Profiling
    • BYOD Profiling with CoA
  • Describe BYOD Management and Monitoring
    • Objective: Design and Deploy Cisco ISE and Management Platforms
    • Cisco ISE and Cisco Prime Infrastructure Integration
    • Cisco ISE and Cisco Prime Infrastructure Reporting
    • Device 360º View Wireless Controller
    • Cisco Prime Infrastructure: Alarms and Events
    • Cisco Prime Infrastructure: Client Monitoring Dashboard
    • Cisco Prime Infrastructure: Clients and Users
    • Cisco Prime Infrastructure: Client Properties
    • Guest Verification and Live Log in Cisco Prime Infrastructure
    • Cisco ISE Live Authentication
    • Cisco ISE Live Authentication: Details
    • Cisco ISE Live Authentication: Live Session View
    • Cisco ISE Live Authentication: Authorization
    • Cisco WLC: Authorization Diagnosis
    • Session Trace
    • Generating Reports from Prime Infrastructure
  • Discovery 1: Overview of Cisco ISE
    • Objective: Describe how to navigate the Cisco ISE GUI
    • Activity Objective
    • Visual Objective
    • Task 1: Explore the Home Page
    • Task 2: Explore the Operations Tab
    • Task 3: Explore the Policy Tab
    • Task 4: Explore Administration
  • Guided Lab 3: Configure RADIUS Integration
    • Objective: Configure Cisco ISE to use the NAD
    • Activity Objective
    • Topology
    • Task 1: Initial Login and Initial Message Management
    • Task 2: Configure NADs on Cisco ISE
    • Task 3: Verify or Create Airespace ACLs for Various User Groups
  • Guided Lab 4: Configure a Basic Access Policy
    • Objective: Configure a basic access policy for employees
    • Activity Objective
    • Topology
    • Task 1: Configure a Policy for Active Directory Employees and Contractors
    • Task 2: Wireless Client Access
  • Guided Lab 5: Configure a Contractor2 Authentication Policy
    • Objective: Etablish authentication for an additional group of users
    • Activity Objective
    • Topology
    • Task 1: Policy Configuration for Contractor2
  • Guided Lab 6: Configure Hotspot Guest Access
    • Objective: Explore Cisco guest access configurations and operations
    • Activity Objective
    • Topology
    • Task 1: Guest Settings
    • Task 2: Guest Locations
    • Task 3: Verify Airespace ACLs for Hotspot Portal Operations
    • Task 4: Hotspot Portal Operations
  • Guided Lab 7: CWA and Self-Registered Guest Operations
    • Objective: Explore multiple Cisco ISE guest access configurations and operations
    • Activity Objective
    • Topology
    • Task 1: Self-Registration and Employee BYOD Portal Operations

Module 4: Secure Wi-Fi Infrastructure
Objective: Explain how to secure the Wi-Fi infrastructure

Lesson 1: Defining Endpoint and Client Standards and Features
Objective: Describe the current standards and features and how to configure them.
This lesson includes these topics:

  • Describe the Current Standards and Features
    • Objective: Describe the current standards and features
    • Infrastructure MFP
    • Infrastructure Mode
    • Client MFP
    • Client and Infrastructure Mode
    • Standardized MFP
    • IEEE 802.11w Protection
    • MFP vs. IEEE 802.11w
    • Identity-Based Services
    • Using Identity-Based Networking
    • Identity-Based Networking Example
    • Authorization Options for Users and Devices
    • VLANs and ACLs
    • Downloadable ACL vs. Airspace ACL
    • Preauthentication and Postauthentication ACLs
  • Configure MFP
    • Objective: Configure MFP
    • Configure MFP Globally
    • MFP Settings
    • Configure the WLAN for MFP: Security
    • Configure the WLAN for MFP: Advanced
    • Verify MFP
  • Configure IEEE 802.11w PMF
    • Objective: Configure IEEE 802.11w PMF
  • Configure Identity-Based Networking
    • Objective: Configure Identity-Based Networking
    • Cisco IOS XE TACACS+ Configuration
    • Role-Based Access Control
    • Admin User Configuration Procedure
    • Steps 1–3: Examine a Built-In, Edit, or Create an Admin Group
    • Step 4: Configure Administrator User
    • Steps 5–6: Edit or Delete Administrator Account
    • User Management
    • Local User Authentication
    • Add a Local User
    • User Authorization
    • External Authentication Server
    • Authentication Mode
  • Configure SMNPv3 in the Wi-Fi Environment
    • Objective: Configure RADIUS and TACACS
    • Configure SNMP: Autonomous AP GUI and CLI
    • Cisco WLC: Remove Default SNMP Community Names
    • Cisco WLC: Add SNMP Community Names
    • Cisco WLC: Remove SNMPv3 User Default Values
    • Cisco WLC: Add an SNMPv3 User
    • Cisco WLC: Add an SNMP Trap Receiver
    • Managing SNMP Trap Controls
    • SNMPv3 on Cisco IOS XE
    • SNMPv3 on Cisco ISE
    • Cisco Prime Infrastructure: Configure Controllers
    • Cisco Prime Infrastructure: Add a Controller
  • Discovery 2: Implementing SNMP v3
    • Objective: Configure the controller to implement SNMP v3
    • Activity Objective
    • Visual Objective
    • Task 1: Use the GUI to Change the SNMP v3 User Default Values
    • Task 2: Use the CLI to Change the SNMP v3 User Default Values
  • Discovery 3: Configure and Verify Cisco MFP
    • Objective: Configure and verify Cisco MFP
    • Activity Objective
    • Required Resources
    • Visual Objective
    • Task 1: Enable MFP on the Cisco WLC
    • Task 2: Create a New Local EAP Profile for EAP-FAST
    • Task 3: Enable Local EAP on the CCNP-Demo SSID
    • Task 4: Configure ap2 as a Workgroup Bridge for EAP-FAST Authentication to the Demo WLAN
    • Task 5: Verify that MFP Is Active on the Connection to CCNPW-Demo
  • Discovery 4: Rogue AP Monitoring and Rules
    • Objective: Monitor rogue APs in Cisco WLCs and Cisco Prime Infrastructure
    • Activity Objective
    • Required Resources
    • Visual Objective
    • Task 1: Monitor Rogue APs from the Cisco WLC
    • Task 2: Rogue Policies
    • Task 3: Monitor Rogues in Cisco Prime Infrastructure
  • Guided Lab 8: Configure Secure Administrative Access
    • Objective: Configure secure administrative access
    • Activity Objective
    • Topology
    • Task 1: Enable RADIUS Administration on the Cisco WLC
    • Task 2: Configure Local Identity Groups in Cisco ISE
    • Task 3: Configure Local Users in Cisco ISE
    • Task 4: Configure Authorization Profiles for Cisco WLC Admin Access in Cisco ISE
    • Task 5: Configure Authorization Policies for Cisco WLC Admin Access in Cisco ISE
    • Task 6: Test Cisco WLC Admin Access via RADIUS
  • Guided Lab 9: Configure a Basic Authentication Policy for an AP
    • Objective: Configure basic authentication policy for an AP
    • Activity Objective
    • Topology
    • Task 1: Policy Configuration for Network APs

Module 5: Design and Deploy Wi-Fi Access Control
Objective: Design and deploy Wi-Fi access control

Lesson 1: Defining Wi-FI Access Control Standards and Features
Objective: Explain ACLs, firewall functionalities, and how to configure ACLs in the Wi-Fi environment
This lesson includes these topics:

  • Describe ACLs and Firewall Functionality
    • Objective: Describe ACLs and firewall functionality
    • ACL Functionality and Limits
    • Firewalls
    • Firewall Ports
    • VPN Firewall: Remote Office
    • FlexConnect ACLs
  • Configure ACLs in the Wi-Fi Environment
    • Objective: Configure ACLs in the Wi-Fi environment
    • Autonomous AP: Add an IP ACL
    • Autonomous AP: Configure an IP ACL
    • Autonomous AP: Add a MAC ACL
    • Autonomous AP: Apply an ACL
    • Cisco WLC: Configure a New ACL
    • Cisco WLC: Configure ACL Rules
    • Cisco WLC: Deny Counters
    • ACL Types
  • Guided Lab 10: Implement Profiling
    • Objective: Configure the Cisco ISE Profiler service and service settings
    • Activity Objective
    • Topology
    • Task 1: Configure Profiling in Cisco ISE
    • Task 2: Configure the Feed Service (Optional)
    • Task 3: Configure Profiling in Cisco ISE
    • Task 4: NAD Configuration for Profiling
  • Guided Lab 11: Profiling and Device Onboarding
    • Objective: Configure Cisco ISE for BYOD onboarding
    • Activity Objective
    • Topology
    • Task 1: Portal Provisioning
    • Task 2: Provisioning Configuration
    • Task 3: Policy Configuration
    • Task 4: Employee Laptop PC Registration

Module 6: Design and Deploy Monitoring Capabilities
Objective: Describe management and monitoring capabilities in the Wi-Fi environment

Lesson 1: Defining Threat and Interference Mitigation Approaches in Wi-Fi
Objective: Explain how to define threat and interference mitigation in Wi-Fi environment
This lesson includes these topics:

  • Primary Security Concerns
    • Objective: Describe the primary security concerns
    • Rogue Access Points and Clients
    • Hacker APs
    • Denial of Service
    • Over-the-Air Attacks
    • Interference
    • Wireless Security
    • Policy Enforcement
    • Rogue Detection
    • Cisco WLC: Viewing Rogues
    • Cisco WLC: Rogue AP Detail
    • Cisco WLC: Rogue Classification
    • Rogue States
    • Cisco WLC: Monitoring the Logs
    • Controller-Based IDS
    • Cisco WLC: Standard Signatures
    • Cisco WLC: Broadcast Deauthentication Frame Signatures
    • Cisco WLC: NULL Probe Response Signatures
    • Cisco WLC: Management Frame Flood Signatures
    • Cisco WLC: EAPOL Flood Signature
    • NetStumbler Signatures
    • Cisco WLC: Wellenreiter Signature
    • wIPS Features
    • Component Functions in a wIPS Deployment
    • wIPS Protocols
    • Cisco IPS Integration
  • Configure wIPS in the Wi-Fi Environment
    • Objective: Configure wIPS in the Wi-Fi environment
    • Cisco WLC: Configure Signature Details
    • Cisco WLC: View IDS Signature Events
    • Cisco WLC: View IDS Signature Events Track Details
    • Configure wIPS Profiles
    • wIPS Alarm Flow
    • Monitoring Range
    • Security Confidence Level
    • Example Deployments
    • wIPS AP Placement
    • Integrated Deployment
    • Select the Policies
    • Edit a Policy
    • Configure Cisco Prime Infrastructure for wIPS
    • Add a Cisco MSE to Cisco Prime Infrastructure
    • Install wIPS License Files
    • Synchronize Cisco Prime Infrastructure and Cisco MSE
    • Configure Cisco Prime Infrastructure for wIPS
    • Create a wIPS Profile
    • Choose the SSID: Overlay Only
    • Enable the Radios
  • Configure Rogue Detection and Mitigation in the Wi-Fi Environment
    • Objective: Configure rogue detection and mitigation in the Wi-Fi environment
    • Cisco WLC: Editing the New Rule
    • Rogue Conditions
    • Cisco WLC: Managing Rogue APs
    • Cisco Prime Infrastructure: Rogue Alarms
    • Cisco Prime Infrastructure: Rogue AP Alarm Detail
    • Rogue Detector AP
    • Enable Rogue Detector Mode
    • Rogue Location Discovery Protocol
    • Enable RLDP
  • Management and Monitoring
    • Objective: Cnfigure management and monitoring parameters
    • Configure Spectrum Expert
    • Cisco CleanAir
    • Cisco Prime Infrastructure: Air Quality Monitoring
    • Cisco Prime Infrastructure: CleanAir Reporting
    • Cisco Prime Infrastructure: Monitoring RRM
    • Manage the Environment
      • Objective:
      • Create a Report
      • Customize a Report
      • View Scheduled Report Results
      • View Saved Reports
  • Guided Lab 12: Cisco ISE Profiling Reports
    • Objective: Run reports that focus on profiling data
    • Activity Objective
    • Topology
    • Task 1: Run Cisco ISE Profiling Reports
  • Guided Lab 13: Guest Reports
    • Objective: Run guest reports that are directly available from the Cisco ISE dashboard
    • Activity Objective
    • Topology
    • Task 1: Run Reports from Cisco ISE Dashboard
  • Guided Lab 14: Live Logs and Client 360° View
    • Objective: Configure live log viewing in Cisco ISE and User 360° view in Cisco Prime Infrastructure to display wireless user session information
    • Activity Objective
    • Topology
    • Task 1: Monitor Wired and Wireless Network Devices with Cisco Prime Infrastructure
    • Task 2: Monitor the Network with the Cisco ISE Dashboard
    • Task 3: Cisco ISE Alarms (Optional)
  • Guided Lab 15: Security Report Operations
    • Objective: Explore report operation capabilities in Cisco ISE
    • Activity Objective
    • Topology
    • Task 1: Run a Report with a Filter
    • Task 2: Save and Schedule Reports
    • Task 3: Favorite Reports
  • Guided Lab 16: Use System Security Verification Tools
    • Objective: Review the diagnostic tools that are available via the Cisco ISE Admin Portal
    • Activity Objective
    • Topology
    • Task 1: RADIUS Authentication Troubleshooting
    • Task 2: TCPDump