Cisco DOD Comply-to-Connect (C2C)

The Cisco DoD Comply-to-Connect (C2C) training teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.


This training also earns you 32 Continuing Education (CE) credits towards recertification.

Course Information

Price: $4,995.00
Duration: 5 days
Certification: 
Exam: 
Learning Credits: 50
Continuing Education Credits: 32
Course Delivery Options

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

Train face-to-face with the live instructor.

Access to on-demand training content anytime, anywhere.

Attend the live class from the comfort of your home or office.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you. An SLI sales rep will confirm location availability prior to registration confirmation.

All Sunset Learning dates are guaranteed to run!

Register

Prerequisites:

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

  • Internet web browser usability knowledge
  • Working knowledge of transmission control protocol/internet protocol (TCP/IP) networking
  • Familiarity with network management concepts such as simple network management protocol (SNMP), Syslog, and NetFlow

The following recommended Cisco offering may help you meet these prerequisites:

  • Implementing and Administering Cisco Solutions (CCNA)

 

Target Audience:

This training is a Department of Defense mandate, ensuring compliance with cybersecurity protocols and procedures.

 

Course Objectives:

  • Gain an understanding of C2C fundamentals and Cisco Identity-Based Networking Services
  • Configure devices and access for 802.1X operations
  • Learn about Cisco ISE architectures, policies, and troubleshooting
  • Explain tunnel-based extensible authentication protocol (TEAP) configuration and usage with C2C
  • Examine Cisco ISE integration with public key infrastructure (PKI)
  • Gain an understanding of Secure Client ISE features and configuration for C2C
  • Explore C2C access management, profiling best practices and reports, use cases, and call admission control (CAC) authentication
  • Learn about Cisco ISE profiler service, endpoint compliance, reporting, and hardening with federal information processing standard (FIPS) mode
  • Configure profilers to support custom endpoint attributes

 

Course Outline:

Outline

  • Comply-to-Connect Fundamentals
  • Cisco Identity Based Networking Services
  • 802.1X Standard and EAP Authentication
  • Configure Devices for 802.1X Operations.
  • Configure Access for Non-802.1X Compliant Devices
  • Cisco ISE Architectures and C2C Deployment Options
  • Cisco ISE Policy Enforcement Components
  • Cisco ISE Policy Configuration
  • Troubleshooting Cisco ISE Policy and 3rd Party Support
  • Cisco ISE Policy Enforcement
  • Cisco ISE Profiler
  • MAC Authentication Bypass
  • Manual versus Group Policy Settings with TEAP
  • Explain TEAP configuration and usage with C2C
  • Cisco ISE integration with PKI Infrastructure
  • Understanding Secure Client ISE features and Configuration for C2C
  • Troubleshooting ISE Policy and Third-party NAD Support
  • Comply-to-Connect Access Management
  • Cisco ISE Profiler Service
  • Understanding Profiling with Change of Authorization (CoA)
  • Configure Profilers to support custom Endpoint Attributes
  • Comply-to-Connect Profiling Best Practices
  • Generating Comply-to-Connect Profiling Reports
  • Cisco ISE Endpoint Compliance
  • Comply-to-Connect Use Cases
  • Describe ISE Reporting
  • Describe ISE Hardening with FIPS Mode
  • Explain CAC Authentication with Comply-to-Connect

Lab outline

  • Configuring Devices for 802.1X Operation
  • Configuring Initial Cisco ISE Configuration and System Certificate Usage
  • Integrating Cisco ISE with Active Directory
  • Configuring Cisco ISE Policy for MAB
  • Configuring Cisco ISE for 802.1X
  • Configure Windows Native 802.1X supplicant with TEAP for ISE
  • Configuring Cisco Trustsec
  • Configuring ISE Profiling
  • Customizing the ISE Profiling Configuration
  • Create Cisco ISE Profiling Reports
  • Configuring Cisco ISE Compliance Services
  • Configure Client Provisioning
  • Configure Posture Policies
  • Test and Monitor Compliance-Based Access
  • Configure Cisco ISE for Basic Device Administration
  • Configure Cisco ISE Command Authorization
  • Configure Cisco CX ISE reporting tool to generate required C2C reports
  • Certificate-based Authentication for Cisco ISE Administration