Implementing Network Security

Course Duration

5 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Completion of ACA-level ClearPass or campus access training, or equivalent experience. Knowledge of 802.1X, PKI, and basic firewall concepts is recommended.

Course Description

This course covers intermediate security concepts and prepares you for the ACP - Network Security (ACP-NS) certification exam. This training will help administrators use the HPE Aruba Networking portfolio to implement a Zero Trust Security (ZTS) protection model for their networks. Attending the course will teach you how to: - Configure HPE Aruba Networking infrastructure with ClearPass solutions to authenticate/control both wired & wireless users, as well as remote users through Security Service Edge (SSE). - Collect contextual information with ClearPass Policy Manager (CPPM) & implement advanced role mapping as well as enforcement policies. - Use ClearPass Device Insight to enhance visibility. - Set up features such as the AOS-CX Network Analytics Engine (NAE), HPE Aruba Networking Wireless IDS/IPS (WIDS/WIPS), & gateway IDS/IPS. - Investigate alerts.

Learning Objectives

• Define security terminologies
• PKI
• Zero Trust Security
• WIPS & WIDS
• Harden devices
• Securing network infrastructure
• Securing L2 & L3 protocols
• Secure a WLAN
• Deploy AAA with CPPM
• Secure a wired LAN
• Deploy AAA with CPPM
• Deploy 802.1x
• Deploy certificate based authentication for users & devices
• Secure the WAN
• Understand Aruba's SD-Branch for automating VPN deployment
• Design and deploy VPN with Aruba's VIA client
• Classify endpoints
• Deploy endpoint classification to devices
• Integrate ClearPass and CPDI
• Threat detection
• Investigate Central alerts
• Interpret packet captures Evaluate endpoint postures
• Troubleshooting
• Deploy and analyze results from NAE scripts
• Endpoint classification
• Analyze endpoint classification data to identify risks
• Analyze endpoint classification data on CPDI
• Forensics
• Explain CPDI capabilities of showing network conversations on supported Aruba devices

Course Outline

Course Modules

• HPE Aruba Networking Security Strategy and ClearPass Fundamentals
• Deploy Trusted Certificates
• Implement Certificate-Based 802.1X
• Implement Advanced Policies on the Role-Based AOS Firewall
• Evaluate Endpoint Posture
• Implement a Trusted Network Infrastructure
• Implement 802.1X and Role-Based Access Control on AOS-CX
• Implement Dynamic Segmentation on AOS-CX Switches
• Monitor with Network Analytics Engine (NAE)
• Implement WIDS/WIPS
• Use CPPM and Third-Party Integration to Mitigate Threats
• Implement Device Profiling with CPPM
• Device Profiling with HPE Aruba Networking
• Deploy ClearPass Device Insight
• Integrate Device Insight with CPPM
• Use Packet Captures To Investigate Security Issues
• Secure Remote and Branch Access
• Configure HPE Aruba Networking Gateway IDS/IPS
• Use HPE Aruba Networking Central Alerts

Frequently Asked Questions