Cisco
Certification
Professional
Cisco DoD Comply-to-Connect (C2C)

The Cisco DoD Comply-to-Connect (C2C) training teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.


How You'll Benefit

This training will help you:

  • Learn how to operate, manage, configure, and troubleshoot the Cisco C2C solution
  • Gain an understanding of how the Cisco ISE security components relate to the C2C architecture
  • Earn 32 CE credits towards recertification




Download pdf
Duration: 5 Days
CLC Value: 50
About the course

Course Objectives

  • Define DoD C2C, including its steps and alignment with ISE features/functions and Zero Trust
  • Describe Cisco Identity-Based Networking Services
  • Explain 802.1X extensible authentication protocol (EAP)
  • Configure devices for 802.1X operation
  • Configure access for non-supplicant devices
  • Describe the Cisco Identity Services Engine
  • Explain Cisco ISE deployment
  • Describe Cisco ISE policy enforcement concepts
  • Describe Cisco ISE policy configuration


Course Prerequisites

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

  • Familiarity with 802.1X
  • Familiarity with Microsoft Windows Operating Systems
  • Familiarity with Cisco IOS CLI for wired and wireless network devices
  • Familiarity with Cisco Identity Service Engine

The following recommended Cisco offering may help you meet these prerequisites:

  • Implementing and Operating Cisco Security Core Technologies (SCOR)
Course content

Course Outline

  1. C2C Fundamentals
  2. Cisco Identity-Based Networking Services
  3. 802.1X EAP Authentication
  4. Configure Devices for 802.1X Operation
  5. Configure Access for Non-Supplicant Devices
  6. Introducing Cisco ISE Architecture
  7. Introducing Cisco ISE Deployment
  8. Introducing Cisco ISE Policy Enforcement Components
  9. Introducing Cisco ISE Policy Configuration
  10. PKI and Advanced Supplicants
  11. Troubleshooting Cisco ISE Policy and Third-Party NAD Support
  12. Exploring Cisco TrustSec
  13. Introducing the Cisco ISE Profiler
  14. Introducing Profiling Best Practices and Reporting
  15. Introducing Cisco ISE Endpoint Compliance Services
  16. Configuring Client Posture Services and Compliance
  17. Working with Network Access Devices
  18. C2C Use Cases



Lab Outline

  1. Configure and Test 802.1X Operations
  2. Configure Initial Cisco ISE Configuration and System Certificate Usage
  3. Integrate Cisco ISE with Active Directory
  4. Configure Cisco ISE Policy for MAB
  5. Configure Cisco ISE Policy for 802.1X
  6. TEAP on Windows
  7. Configure Cisco TrustSec
  8. Configure Profiling
  9. Customize the Cisco ISE Profiling Configuration
  10. Create Cisco ISE Profiling Reports
  11. Configure Cisco ISE Compliance Services
  12. Configure Client Provisioning
  13. Configure Posture Policies
  14. Test and Monitor Compliance-Based Access
  15. Configure Cisco ISE for Basic Device Administration
  16. Configure Cisco ISE Command Authorization
  17. DISA Reports
  18. Certificate-Based Authentication for Cisco ISE Administration



Who Should Attend

This training is a Department of Defense mandate, ensuring compliance with cybersecurity protocols and procedures. The target audience includes individuals seeking the knowledge and skills involved in deploying, operating, and verifying Cisco DoD C2C network architecture, such as:

  • Network Security Engineers
  • Network Administrators
  • Security Administrators