Cisco Identity-Based Networking Services (IBNS) and 802.1X Deployment for Wired and Wireless (CIBNS802.1X)

 

Course Overview

This class provides theory and hands-on experience in deploying Cisco Identity-Based Networking Services (IBNS) and implementing 802.1X authentication for secure network access control. The class covers Cisco Identity Services Engine (ISE) configuration, integration with Active Directory, policy creation, and implementation of 802.1X on both wired and wireless networks including IBNS 2.0. Additionally, it includes advanced authentication techniques such as MAB (MAC Authentication Bypass), TEAP (Tunnelled EAP), and TLS (Transport Layer Security), along with guest access configuration, troubleshooting, and monitoring.

Who should attend

  • Security architects
  • Design engineers
  • Network engineers

Prerequisites

To fully benefit from this course, you should have knowledge of these topics:

  • Basic Cisco wireless LAN controllers
  • Basic command-line configuration of Cisco Catalyst switches

Here are some recommended Cisco learning offerings that can help you meet these prerequisites:

Course Objectives

By completing this class students will be able to:

  • Set up and configure Cisco ISE – including certificate enrollment, and RADIUS settings.
  • Integrate Cisco ISE with Active Directory – enabling centralized identity management and policy enforcement.
  • Implement 802.1X authentication policies for wired and wireless networks using Cisco ISE and network devices.
  • Deploy Cisco IBNS 2.0 for enhanced security and automation in access control.
  • Enable Guest Access using Cisco ISE’s Hotspot Portal for managed guest connectivity.
  • Configure MAC Authentication Bypass (MAB) for non-802.1X capable devices.
  • Monitor and troubleshoot network access with Cisco ISE’s diagnostic tools and session tracing.
  • Plan and deploy an IBNS-based network, ensuring certificate-based authentication, policy sets, and secure access control.
  • Implement advanced security mechanisms such as TLS and TEAP for wired and wireless authentication.

Outline: Cisco Identity-Based Networking Services (IBNS) and 802.1X Deployment for Wired and Wireless (CIBNS802.1X)

Module 1: Introduction to Cisco Identity-Based Networking Services (IBNS)

  • Objective: Describe Cisco IBNS for providing access control to corporate networks.
    • Overview of IBNS and its components.
    • Role of IBNS in securing corporate networks.
    • Use cases and benefits of IBNS deployment.

Module 2: Authentication Protocols and RADIUS Communication

  • Objective: Describe Extensible Authentication Protocol (EAP) authentication types and methods, and the role of RADIUS in EAP communications.
    • Introduction to EAP: Purpose and significance in secure network authentication.
    • Types and methods of EAP:
      • EAP-TLS
      • EAP-PEAP
      • EAP-TEAP
    • Role and functions of Certificates
    • Role and functionality of RADIUS:
      • Authentication, Authorization, and Accounting (AAA).
      • Communication flow between endpoints, RADIUS server, and network devices.

Module 3: Configuring Cisco Network Devices for 802.1X Operation

  • Objective: Describe how to configure Cisco Catalyst switches, Cisco Wireless LAN Controllers (WLCs), and Cisco ISE for 802.1X operation.
    • Cisco Catalyst Switch Configuration:
      • Enabling 802.1X using IBNS1 and IBNS2 commands
      • Configuring authentication methods.
      • Integrating switches with Cisco ISE.
    • Cisco Wireless LAN Controller Configuration:
      • Setting up 802.1X authentication on WLCs.
      • Configuring access policies for wireless networks.
    • Cisco ISE Configuration:
      • Adding network devices to Cisco ISE.
      • Configuring authentication policies and profiles.
      • Testing and verifying 802.1X authentication.
    Module 4: Access Configuration for Non-Supplicant Devices
    • Objective: Describe how to configure access for non-supplicant devices in an 802.1X deployment.
      • Understanding non-supplicant devices and challenges in securing them.
      • Methods for securing non-supplicant device access:
        • MAC Authentication Bypass (MAB).
        • Web authentication (WebAuth).
      • Best practices for managing non-supplicant devices in IBNS deployments.

Module 5: Post Deployment Monitoring and Troubleshooting

  • Objective: Describe how to Monitor and Troubleshoot Cisco IBNS Networks with Cisco ISE and 802.1X.
    • Troubleshooting Endpoint Issues
    • Troubleshoot Network Access Device Issues

Module 6: Planning and Deploying Cisco IBNS Networks

  • Objective: Describe how to plan and deploy Cisco IBNS Networks with Cisco ISE and 802.1X.
    • Planning Phase:
      • Assessing network infrastructure readiness.
      • Identifying key security requirements.
      • Designing authentication and authorization policies.
    • Deployment Phase:
      • Step-by-step implementation of Cisco IBNS with Cisco ISE.
      • Deployment of 802.1X across wired and wireless networks.
      • Testing and troubleshooting the deployment.
    • Post-Deployment:
      • Monitoring and maintaining IBNS environments.

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • Online Training: CAD 4,345
  • Online Training: US $ 3,150
Dates and Booking
Request a date
Classroom Training

Duration
3 days

Price
  • Canada: CAD 4,345
Dates and Booking
Request a date

Click on town name or "Online Training" to book Schedule

Instructor-led Online Training:   This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United Kingdom

 Online Training Time zone: British Summer Time (BST) Enroll
Online Training Time zone: Greenwich Mean Time (GMT) Enroll