C2C - Cisco DoD Comply-to-Connect 1.0

The Cisco DoD Comply-to-Connect (C2C) training teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

This course is worth 32 Continuing Education (CE) Credits

C2C Fundamentals

• Comply to Connect
• From C2C to ZTA
• Steps to Implement C2C

Cisco Identity-Based Networking Services

• Cisco IBNS Overview
• AAA Role in Cisco IBNS
• Compare Cisco IBNS and Cisco ISE Solutions
• Explore Cisco IBNS Architecture Components

Configure Access for Non-Supplicant Devices

• Configure Cisco IBNS for Non-Supplicant Devices
• Explore IBNS 2.0 for Non-Supplicant Devices
• Configure Cisco Central Web Authentication for Guests

Introducing Cisco ISE Architecture

• Cisco ISE as a Network Access Policy Engine
• Cisco ISE Use Cases
• Cisco ISE Functions

Introducing Cisco ISE Deployment

• Cisco ISE Deployment Models
• Cisco ISE Licensing and Network Requirements
• Cisco ISE Context Visibility Features
• New Features in Cisco ISE3.x

Introducing Cisco ISE Policy Enforcement Components

• 802.1X for Wired and Wireless Access
• MAC Authentication Bypass for Wired and Wireless Access
• Identity Management
• Active Directory Identity Source
• Additional Identity Sources
• Certificate Services

Introducing Cisco ISE Policy Configuration

• Cisco ISE Policy
• Cisco ISE Authentication Rules
• Cisco ISE Authorization Rules

PKI and Advanced Supplicants

• Public Key Infrastructure
• TEAP in Comply to Connect (C2C)
• Secure Client ISE Features and Configuration for C2C

Introducing the Cisco ISE Profiler

• Web Access with Cisco ISE
• ISE Profiler Overview
• Cisco ISE Probes
• Profiling Policy
• Custom Attributes in Profiler

Introducing Cisco ISE Endpoint Compliance Services

• Endpoint Compliance Services Overview

Configuring Client Posture Services and Compliance

• Client Posture Services and Provisioning Configuration

Introducing Profiling Best Practices and Reporting

• Profiling Best Practices

C2C Use Cases

• Cisco CX ISE Reporting Tool
• ISE Reporting
• ISE Hardening
• Profiling Best Practices for C2C

Troubleshooting Cisco ISE Policy and Third-Party NAD Support

• Cisco ISE Third-Party Network Access Device Support
• Troubleshooting Cisco ISE Policy Configuration

Exploring Cisco TrustSec

• Cisco TrustSec Overview
• Cisco TrustSec Enhancements
• Cisco TrustSec Configuration

Working with Network Access Devices

• Reviewing AAA
• Cisco ISE TACACS+ Device Administration
• Configuring TACACS+ Device Administration
• TACACS+ Device Administration Guidelines and Best Practices

Attendees should meet the following pre-requisites:

• Familiarity with 802.1X
• Familiarity with Microsoft Windows Operating Systems
• Familiarity with Cisco IOS CLI for wired and wireless network devices
• Familiarity with Cisco Identity Service Engine

Individuals seeking the knowledge and skills involved in deploying, operating, and verifying Cisco DoD Comply-to-Connect program