The video walks you through configuration of OSPF routing on Cisco FTD 6.1. We will go over various features and functionalities of OSPF including basic configuration, redistribution, virtual link, route filtering and summarization.
The video shows you how you can increase security with access point authentication. We will go through various approaches available on Cisco Wireless LAN Controller that allow an AP to be authenticated prior to joining including MIC and LSC certificate authentication, static local and RADIUS MAC address auth list, and 802.1x authentication. We will be able to see and realize which method would work best in your environment.
The video shows you how to leverage an existing Active Directory database for administrative user login on Cisco ASA FireSight System. We will go through configuration of LDAP integration, and usergroup-to-role mapping. You will be able to limit access to FireSight web interface based on your user job function.
The video shows you how to configure Cisco ASA CX to enforce Active Authentication and apply the same decryption and access policies to the remote VPN user so they can have the same user experiences as those locating inside the network. We will perform additional traffic restriction based on client operating system using information provided by Cisco AnyConnect client, as well as user browser type using User Agent attribute.
The video shows you how to configure Cisco ASA CX to enforce Active Authentication and apply the same decryption and access policies to the remote VPN user so they can have the same user experiences as those locating inside the network. We will perform additional traffic restriction based on client operating system using information provided by Cisco AnyConnect client, as well as user browser type using User Agent attribute.
The video provide a method to enhance reliability of Cisco ASA CX Passive Authentication by integrating Cisco ISE with CDA. You will see how the caveats inherent to CDA can be solved by using realtime user and IP information provided by 802.1x identity-based authentication network. We will analyze RADIUS packets being communicated between Cisco ISE and CDA to try to understand the underlying mechanism. Testing will be performed on both domain and non-domain devices, that have been onboarded through ISE, and this includes both wired and wireless.
The video provide a method to enhance reliability of Cisco ASA CX Passive Authentication by integrating Cisco ISE with CDA. You will see how the caveats inherent to CDA can be solved by using realtime user and IP information provided by 802.1x identity-based authentication network. We will analyze RADIUS packets being communicated between Cisco ISE and CDA to try to understand the underlying mechanism. Testing will be performed on both domain and non-domain devices, that have been onboarded through ISE, and this includes both wired and wireless.
The video shows you the second method of obtaining user identity on Cisco ASA CX using Passive Authentication. We will leverage the User-to-IP mapping information provided by CDA by configuring CX device as a consumer. Once the mapping information is available to CX, minor modification will be performed on the Identity Policy and you will see how users are saved from having to enter their credentials as we saw in the Active Authentication. We will also discuss and demonstrate some caveats to this method towards the end of the lab.
The video shows you the first method of obtaining user identity on Cisco ASA CX using Active Authentication. We will integrate CX with Windows Active Directory to perform user authentication as well as user group query. We will redo our access policies from the previous lab and replace the source IP subnet with AD user group. This would be our first step towards identity-based access policies and free ourselves from the use of just IP addresses.
The video shows you the first method of obtaining user identity on Cisco ASA CX using Active Authentication. We will integrate CX with Windows Active Directory to perform user authentication as well as user group query. We will redo our access policies from the previous lab and replace the source IP subnet with AD user group. This would be our first step towards identity-based access policies and free ourselves from the use of just IP addresses.
