TrainingPage

CWLS - Cisco Wireless LAN Security v5.0

Length: 4

Course Code: 5675

List Price: $2,695

TrainingPage Price: $2,627

Get $150 NFLShop Gift Card and more

View Dates & Enroll Online

Overview:

Learn to secure a Cisco WLAN in the most comprehensive course on Cisco wireless security advantages in the industry. In this advanced course, you will learn WLAN security standards and how to mitigate WLAN attacks. You'll discover WLAN EAP types as well as security configuration on both stand-alone and controller-based access point architectures. In hands-on labs, you'll learn to configure network and client equipment to provide maximum security. You'll learn to harden the access point and build VLANs with different forms of authentication and encryption. Also, you'll get an introduction to Cisco ACS RADIUS attributes and actually configure Cisco ADU for PEAP, EAP-FAST, and TLS.

To participate in the hands-on labs, please bring a laptop computer running Windows 2000 (SP4) or XP with an available 32-bit Cardbus slot, an Ethernet port, and either a 9-pin serial port or USB-to-serial adapter. You must have administrator rights to the laptop to install drivers for the wireless client used in class.

Description:

1. Introduction



  • Wireless LAN Security Today


2. Network Security and Cisco



  • Network Security

  • ISO FCAPS Model

  • WLAN Security Standards

  • WLAN Security Vulnerabilities

  • WLAN Security Best Practices


3. Cisco Aironet Stand-Alone Access Points



  • Features and Components

  • Cisco Integrated Services Routers


4. WLAN Authentication and Encryption



  • 802.1X Overview

  • EAP-Cisco Wireless (LEAP)

  • EAP-FAST

  • EAP-TLS

  • EAP-PEAP

  • WPA and 802.11i Encryption

  • WPA2/802.11i


5. Configuring Cisco Secure ACS



  • Network Configuration

  • System Configuration

  • External User Database

  • Group Setup

  • User Setup


6. Configuring Local RADIUS and Back-Up RADIUS on the Access Point



  • Local Authentication

  • Configuring a Local Authenticator

  • Network Access Servers (AAA Clients)

  • Encryption Manager

  • Back-Up RADIUS Configuration


7. Installation and Configuration for Cisco Protected EAP



  • PEAP Prerequisites

  • Cisco ACS v4.0 Certificate Setup

  • Access Point Setup

  • Cisco ADU Setup for PEAP


8. Installation and Configuration for EAP-TLS



  • Obtaining a User Certificate

  • Configuring ADU for EAP-TLS

  • Configuring the Windows Client for EAP-TLS

  • Configuring Cisco Secure Service Client


9. The Cisco Unified Wireless Network



  • Dynamic RF Management

  • Security and VLANs

  • Guest Tunnel and Anchor Mobility

  • Cisco Enhanced Security Module


10. WLAN Advanced Feature Security



  • Local Authentication

  • MAC Filtering

  • Access Control Lists

  • Network Access Control

  • Peer-to-Peer Blocking

  • Radius Authentication

  • Management Frame Protection (MFP)

  • WPA, WPA2, and CCKM

  • VPN Pass Through

  • Rogue AP and Ad-Hoc Client Detection

  • Intrusion Detection Management


11. Using WCS to Monitor Security



  • Lobby Ambassador

  • Monitoring Administrative Accounts

  • Rogue Access Points and Clients

  • Monitoring CIDS Sensors

Agenda:

Lab 1: Installing Aironet Desktop Utility

Lab 2: Configuring Cisco Secure ACS

Lab 3: Configuring EAP-FAST

Lab 4: Configuring Local RADIUS and Backup RADIUS on the Access Point

Lab 5: Cisco Aironet ADU PEAP Configuration

Lab 6: Cisco Aironet ADU TLS Configuration

Lab 7: Building VLANs with Different Forms of Authentication and Encryption

Lab 8: Using ACS to Assign VLANs

Lab 9: Hardening the Access Point

Lab 10: WDS and Rogue AP Detection Using CiscoWorks WLSE

Lab 11: WPA and WPA2 Setup on a WLAN Controller

Lab 12: WCS Rogue AP Detection and Mitigation

Lab 13: Local Authentication using the WLAN Controller

Audience:

CIOs, IT managers, and technical engineers responsible for managing and securing wireless networks.

Objectives:

  • Security policy design and management
  • Components and basic configurations of the Cisco core feature set
  • How authentication and encryption are used to secure the WLAN
  • Details of configuring the Cisco Secure ACS to provide 802.1X authentication for Cisco WLAN devices
  • Details of configuring the access point to provide 802.1X authentication for Cisco WLAN devices
  • Configure the access point to perform RADIUS authentication and Backup RADIUS authentication
  • Set up, install, and configure EAP-FAST, Cisco PEAP, and EAP-TLS authentication on the ACS server, Active Directory, access points, and Cisco wireless LAN adapters
  • Configure VLANs on the access points using different encryption and authentication methods per VLAN
  • Configure the ACS and the access point to allow the ACS to provide VLAN assignment to the client
  • Harden the access point
  • Use WDS and CiscoWorks WLSE to detect rogue access points
  • Components and basic configurations of the Cisco WLAN Controllers and lightweight access points
  • Purpose of key security features configured through Cisco wireless administration tools
  • Configure wireless client cards to connect to the LWAPP network using EAP-FAST authentication w/ AES encryption
  • Locate and contain access point as rouge access point through WCS

View Dates & Enroll Online