Course Overview
This course covers intermediate security concepts and prepares you for the ACP - Network Security (ACP-NS) certification exam. This training will help administrators use the HPE Aruba Networking portfolio to implement a Zero Trust Security (ZTS) protection model for their networks. Attending the course will teach you how to:
- Configure HPE Aruba Networking infrastructure with ClearPass solutions to authenticate/control both wired & wireless users, as well as remote users through Security Service Edge (SSE).
- Collect contextual information with ClearPass Policy Manager (CPPM) & implement advanced role mapping as well as enforcement policies.
- Use ClearPass Device Insight to enhance visibility.
- Set up features such as the AOS-CX Network Analytics Engine (NAE), HPE Aruba Networking Wireless IDS/IPS (WIDS/WIPS), & gateway IDS/IPS.
- Investigate alerts.
Who should attend
Typical candidates for this course are network engineers responsible for implementing security controls on enterprise networks. Learners can describe the network security stack (firewall, proxy, remote access, IDS/IPS, access control, NTA, UEBA).
Certifications
This course is part of the following Certifications:
Prerequisites
The following knowledge is recommended for this seminar:
Aruba recommends that the candidate has attended the Network Security Fundamentals (ANSF) 24.41 course prior to attending this professional level course. Or have equivalent experience and knowledge of network security fundamentals.
Course Objectives
After you successfully complete this course, expect to be able to:
1. Protect and Defend
- Define security terminologies
- PKI
- Zero Trust Security
- WIPS & WIDS
- Harden devices
- Securing network infrastructure
- Securing L2 & L3 protocols
- Secure a WLAN
- Deploy AAA with CPPM
- Secure a wired LAN
- Deploy AAA with CPPM
- Deploy 802.1x
- Deploy certificate based authentication for users & devices
- Secure the WAN
- Understand Aruba's SD-Branch for automating VPN deployment
- Design and deploy VPN with Aruba's VIA client
- Classify endpoints
- Deploy endpoint classification to devices
- Integrate ClearPass and CPDI
2. Analyze
- Threat detection
- Investigate Central alerts
- Interpret packet captures Evaluate endpoint postures
- Troubleshooting
- Deploy and analyze results from NAE scripts
- Endpoint classification
- Analyze endpoint classification data to identify risks
- Analyze endpoint classification data on CPDI
3. Investigate
- Forensics
- Explain CPDI capabilities of showing network conversations on supported Aruba devices
Course Content
- HPE Aruba Networking Security Strategy and ClearPass Fundamentals
- Deploy Trusted Certificates
- Implement Certificate-Based 802.1X
- Implement Advanced Policies on the Role-Based AOS Firewall
- Evaluate Endpoint Posture
- Implement a Trusted Network Infrastructure
- Implement 802.1X and Role-Based Access Control on AOS-CX
- Implement Dynamic Segmentation on AOS-CX Switches
- Monitor with Network Analytics Engine (NAE)
- Implement WIDS/WIPS
- Use CPPM and Third-Party Integration to Mitigate Threats
- Implement Device Profiling with CPPM
- Device Profiling with HPE Aruba Networking
- Deploy ClearPass Device Insight
- Integrate Device Insight with CPPM
- Use Packet Captures To Investigate Security Issues
- Secure Remote and Branch Access
- Configure HPE Aruba Networking Gateway IDS/IPS
- Use HPE Aruba Networking Central Alerts