Home
Videos uploaded by user “Lab Minutes”
LabMinutes# SEC0061 - Introduction to Cisco TrustSec
 
05:30
more ISE video at http://www.labminutes.com/video/sec/TrustSec The video introduces you to the concept behind Cisco TrustSec. You will be able to understand the basic components that make up Cisco TrustSec and their interaction, which is a prerequisite for our future TrustSec labs. This is an introduction-to-technology video so there will be no lab. Topic: - Cisco TrustSec - Security Group Tag (SGT) - Security Group ACL (SGACL) - SGT Exchange Protocol (SXP)
Views: 13908 Lab Minutes
LabMinutes# SEC0029 - Windows 2008 CA User and Computer Certificate Auto-Enrollment
 
12:51
more at http://www.labminutes.com The video walks you through steps to deploy user and computer digital certificates from Windows 2008 Certificate Authority (CA) server through auto-enrollment and Group Policy. This method allows you to automatically distribute certificates to your Windows users, which is very effective for a large scale security deployment that requires either or both user and machine authentication using client-based certificate such as EAP-TLS. This lab assumes you have existing Windows certificate server and Active Directory (AD) infrastructure. Topic includes - Windows 2008 Certificate Server - Certificate Auto-Enrollment - Certificate Template
Views: 29487 Lab Minutes
LabMinutes# SEC0084 - Cisco ACS 5.4 AD Integration and Identity Store Sequences
 
07:02
Video Page http://www.labminutes.com/sec0084_acs_ad_integration_identity_store_sequences more ACS videos at http://www.labminutes.com/sec/acs The video walks you through steps for AD integration on Cisco ACS 5.4. We will join the ACS to an AD domain and download AD user groups, which we will use as part of authorization policies in our future labs. We will also touch on the function of Identity Store Sequences as a way to perform multiple user authentication database lookup. Topic: - Active Directory Integration - Active Directory User Group Selection - Identity Store Sequences
Views: 16732 Lab Minutes
LabMinutes# SEC0083 - Cisco ACS 5.4 Certificate Install
 
07:39
Video Page http://www.labminutes.com/sec0083_acs_certificate_install more ACS videos at http://www.labminutes.com/sec/acs The video shows how to install a third party certificate on Cisco ACS 5.4. The certificate will be used for securing web interface as well as validating client-based certificate as part of EAP authentication in our future labs. Topic - Certificate Signing Request (CSR) Generation - Certificate Signing with Windows 2008 CA - Certificate Binding/Install
Views: 19279 Lab Minutes
LabMinutes# SEC0064 - Introduction to Cisco VSG and VNMC
 
05:24
more VSG videos at http://www.labminutes.com/video/sec/vsg The video introduces you to the concepts behind Cisco VSG and VNMC. We will help you understand how VSG works with other components such as VNMC, VSM and VEM to provide policy-based security within an IP subnet. This video serves as a prerequisite to our future VSG labs. Since this is an introduction-to-technology video, there will be no lab. Topic: - VSG - VNMC - VSM - VEM - vPath
Views: 24092 Lab Minutes
LabMinutes# RS0017 - Introduction to Cisco Nexus 1000V
 
04:19
more Nexus 1000V videos at http://www.labminutes.com/video/rs/nexus 1000v Cisco Nexus 1000V Deployment Options http://www.labminutes.com/blog0005_nexus_1000v_deployment_options The video introduces you to the concept behind Cisco Nexus 1000V. You will be able to understand the basic components that make up Cisco Nexus 1000V switch and their interaction, which is a prerequisite for our future Nexus 1000V labs. This is an introduction-to-technology video so there will be no lab. Topic: - Cisco Nexus 1000V - Virtual Supervisor Module (VSM) - Virtual Ethernet Module (VEM) - System Vlan
Views: 8443 Lab Minutes
LabMinutes# SEC0092 - Cisco ACS 5.4 Wired 802.1X PEAP EAP-TLS with Machine Authentication (Part 1)
 
11:07
Video Page http://www.labminutes.com/sec0092_acs_wired_dot1x_peap_eap_tls_machine_authentication_1 more ACS videos at http://www.labminutes.com/sec/acs The video shows you how to configure wired 802.1X on Cisco ACS 5.4 using PEAP and EAP-TLS. We will perform both machine and user authentications, and enforce successful machine authentication using Machine Access Restriction (MAR). We will introduces MAR Cache distribution, which is a feature introduced in ACS 5.4. For authentication, we will attempt both using AD login credential (PEAP) and client-based certificate (EAP-TLS). Part 1 of the video focuses on configuration on the ACS. Topic: - ACS Wired 802.1X with PEAP and EAP-TLS - Machine Access Restriction/Distribution - Certificate Authentication Profile - Identity store Sequences - Policy Element - Authorization Profile - Downloadable ACL - Service Selection Rule - Access Services - Authentication Policy - Authorization Policy - RADIUS Attributes - Windows 7 Wired 802.1X Network Settings
Views: 17493 Lab Minutes
LabMinutes# SEC0158 - ASA FirePower Service Installation
 
17:32
Video page: http://www.labminutes.com/sec0159_asa_firepower_firesight_system_installation more videos at http://www.labminutes.com/video/sec/ASA%20FirePower The video gets you started on software installation of Cisco ASA FirePower service module and prepare it to be a managed device that will be added later to a FireSight system. The lab assumes no existing FirePower software installation or that you want to replace the previous IPS or CX services on the ASA. Topic: - ASA FirePower Software Service - ASA FirePower boot and software image - ASA FirePower setup wizard
Views: 85240 Lab Minutes
LabMinutes# SP0017 - Cisco MPLS TE Basic Traffic Engineering (Part 1)
 
09:42
Video page http://www.labminutes.com/sp0017_mpls_te_basic_traffic_engineering_1 more MPLS videos at http://www.labminutes.com/video/sp/mpls The video gets you started on Cisco MPLS Traffic Engineering (TE). We will look at the fundamental of MPLS TE including routing protocol, specifically ISIS, metric support, additional routing information the protocol needs to carry, and the role of Resource Reservation Protocol (RSVP) in bandwidth reservation, MPLS label distribution, and tunnel establishment. As a quick demonstration, we will configure a basic MPLS TE tunnel, perform Wireshark packet capture, and review RSVP packets. Part 1 of this video goes over ISIS configuration to support MPLS TE
Views: 19319 Lab Minutes
LabMinutes# SEC0101 - Cisco ACS 5.4 Patch Install and Remove
 
09:28
Video Page http://www.labminutes.com/sec0101_acs_patch_install_remove more ACS videos at http://www.labminutes.com/sec/acs The video walks you through the process of installing and removing software patch on Cisco ACS 5.4 in a distributed deployment. Topic: - ACS Patch Install - ACS Patch Remove - ACS Distributed Deployment
Views: 11488 Lab Minutes
LabMinutes# SEC0085 - Cisco ACS 5.4 LDAP Integration and Identity Store Sequences
 
06:46
Video Page http://www.labminutes.com/sec0085_acs_ldap_integration_identity_store_sequences more ACS videos at http://www.labminutes.com/sec/acs The video walks you through steps for LDAP integration on Cisco ACS 5.4. We will connect our ACS to Active Directory LDAP service, and perform Subject and Group search. We will also touch on the function of Identity Store Sequences as a way to perform multiple user authentication database lookup. Topic: - LDAP Integration - LDAP Subject and Group Search - Identity Store Sequences
Views: 9840 Lab Minutes
LabMinutes# SEC0033 - Cisco ISE 1.1 Active Directory (AD) Integration and Identity Source Sequence
 
15:44
more ISE video at http://www.labminutes.com/video/sec/ISE The video demonstrate steps to integrate Cisco ISE with Windows Active Directory to access user information for authentication and authorization. This is very similar to joining a computer to a domain, where ISE will become a domain computer. Once joined, ISE will have access to user attributes particularly information on group membership that is usually heavily used to determine user access privilege. Identity Source Sequence, on the other hand, is a list of Identity Sources in order of preference, which we also look at in this video. Topic: - Active Directory External Identity Source - AD User Group Selection - Identity Source Sequence
Views: 25023 Lab Minutes
LabMinutes# SEC0060 - Cisco ISE 1.1 Patch Install and Rollback
 
07:35
more ISE video at http://www.labminutes.com/video/sec/ise The video demonstrates how to install a software patch on your Cisco ISE, then roll it back using CLI. Topic: - Repository - Patch Install - Patch Rollback
Views: 7208 Lab Minutes
LabMinutes# SEC0034 - Cisco ISE 1.1 LDAP Integration and Identity Source Sequence
 
09:14
more ISE video at http://www.labminutes.com/video/sec/ISE The video demonstrate steps to integrate Cisco ISE with LDAP directory server. Here we uses Active Directory as an example. The configuration steps and result are very similar to AD integration, although you are able limit the search scope with LDAP. User group membership can also be retrieved to be used as part of authorization policies. We will also create a simple Identity Source Sequence where LDAP is included as one of Identity Sources. Topic: - External Identity Source (LDAP) - LDAP User Group Selection - Identity Source Sequence
Views: 9560 Lab Minutes
LabMinutes#SEC0009 - Windows 2008 Enterprise CA NDES Installation with SCEP on Cisco Router
 
30:28
more at http://www.labminutes.com The video walks you through an installation of Enterprise Certificate Authority (CA) and Network Device Enrollment Service (NDES) (aka SCEP) on a Windows 2008. We will test the server with a certificate request through web enrollment from a Windows client, as well as SCEP from a Cisco router. SCEP communication is captured and reviewed on Wireshark. At the end of the video, you should have a working CA server that you can use for certificate authentication in future labs. Topic includes - CA and NDES Installation - Certificate Web Enrollment and SCEP - 'crypto pki' on Cisco Router
Views: 16841 Lab Minutes
LabMinutes# RS0007 - Cisco Router and Switch SNMP Configuration
 
14:10
more at http://www.labminutes.com The video walks you through SNMPv2 configurations on a Cisco router with most commands being applicable to a Catalyst switch. SNMP Poll and Trap are demonstrated through SNMPB tool and by analyzing packets captured on Wireshark. SNMP is a widely-used protocol for monitoring the health of network devices, and collecting performance statistics. Topic includes - SNMPv2 Configuration - SNMP Polling/Trap - SNMP Access-Control - SNMP Packet Analysis
Views: 24614 Lab Minutes
LabMinutes# RS0064 - Cisco BGP Route Dampening (Part 1)
 
14:19
Video Page http://www.labminutes.com/rs0064_bgp_route_damping_1 more BGP videos at http://www.labminutes.com/video/rs/bgp The video introduces you to the concept of BGP route damping on Cisco router and how it can help alleviating the effect of route flapping. You will learn the important terminologies and parameters that dictate the behaviour of route damping and get to watch this feature in action in this lab. Part 1 of this video goes over basic of route damping and how to change the default parameters
Views: 3249 Lab Minutes
LabMinutes# WL0002 - Cisco WLC Software Upgrade
 
14:00
Video Page http://www.labminutes.com/wl0002_wlc_software_upgrade more wireless videos at http://www.labminutes.com/video/wl The video walks you through an upgrade process of Cisco Wireless LAN Controller. In addition, we will look at how we can minimize network downtime due to the upgrade by pre-downloading a new software image to access points. We will observe the access point during reboot and be able to see its software images being deployed as it detects the new version on the controller. This is a recommended method when having to upgrade a large number of access point especially when they need to pull the new image across a WAN. We will be using a vWLC for our demonstration but the steps are also applicable to other traditional WLC models.
Views: 11192 Lab Minutes
LabMinutes# SEC0045 - Cisco ISE 1.1 Wired 802.1X and Machine Authentication with EAP-TLS
 
20:35
Video Page http://www.labminutes.com/sec0045_ise_1_1_wired_dot1x_machine_auth_eap-tls more ISE video at http://www.labminutes.com/video/sec/ISE The video walks you through configuration of wired 802.1X using EAP-TLS on Cisco ISE. We will look how to configure authentication and authorization policies to support both user and machine authentication, how to restrict network access with DACL, and how to use Machine Access Restriction (MAR) to correlate user and machine sessions to ensure a user can access the network only from a domain (corporate) computer. We will perform testing from both domain and non-domain computers and observe the authentication results. Topic: - Certificate Profile (Common Name) - Identity Source Sequence - User and Machine Authentication with EAP-TLS - Policy Element Condition Authorization (Compound Condition) - Policy Element Result Authentication (Allowed Protocol) Authorization (Downloadable ACL) Authorization (Authorization Profile) - Authentication Policy - Authorization Policy
Views: 32177 Lab Minutes
LabMinutes# RS0058 - Cisco BGP Basic Route Advertisement (Part 1)
 
12:36
Video Page http://www.labminutes.com/rs0058_bgp_basic_route_advertisement_1 more BGP videos at http://www.labminutes.com/video/rs/bgp The video shows you how to advertise routes into BGP on Cisco routers. We will look at different methods of advertising routes and the effect they have on route Origin attribute. We will discuss the default behavior of routes being learnt from eBGP and then advertised into iBGP, and the importance of 'next-hop-self' command. Default route advertisement will also be demonstrated at the end of the video. Part 1 of this video focuses an advertisement of routes local to the routers
Views: 4174 Lab Minutes
LabMinutes# RS0099 - Prime 3.1 Device Configuration (Wired)
 
08:20
Full videos are available at http://www.labminutes.com/store/cisco-prime-31-advanced-video-bundle
Views: 22822 Lab Minutes
LabMinutes# RS0020 - Cisco Nexus 1000V Layer 3 VSM VEM Installation (Manual and VUM) (Part 1)
 
24:49
more Nexus 1000V videos at http://www.labminutes.com/video/rs/Nexus%201000V Cisco Nexus 1000V Installation and Deployment Options http://labminutes.com/blog0005_nexus_1000v_deployment_options The video walks you through Cisco Nexus 1000V installation in Layer 3 mode. We will explore various methods to install both VSM and VEM so you can be aware of steps involved and determine which method will work best in your deployment. This lab takes what we have discussed on the Nexus 1000V introduction video, and applies them into actual implementation. In part 1, we will be installing VSM from an .ova file and configure port-profiles. Topic includes - Nexus 1000V Layer 3 Mode - VSM Install Primary VSM using OVA (Manually Configure) Secondary VSM using OVA (Nexus 1000V Secondary) - VEM Install (Manual and VMware Update Manager) - Port-Profile - Control, Management VLAN - System Vlan - VEM Control (VMkernel) Interface with 'capability l3control'
Views: 17461 Lab Minutes
LabMinutes# SEC0031 - Cisco ISE 1.1 Node Registration with CA-Signed Certificate
 
14:26
more ISE video at http://www.labminutes.com/video/sec/ISE The video demonstrates how to register a Policy Service node to a primary Admin node using CA-signed certificate. The same process applies to registering a secondary Admin node. This step is required when implementing an ISE distributed design for high scalability. This method is preferable over self-signed certificate.
Views: 12914 Lab Minutes
LabMinutes# SEC0111 - Cisco ISE 1.2 AnyConnect VPN RADIUS Authentication and Authorization (Part 1)
 
16:44
Video Page http://www.labminutes.com/sec0111_ise_12_anyconnect_vpn_radius_authentication_authorization_1 more ISE videos at http://www.labminutes.com/video/sec/ise The video walks you through configuration of VPN RADIUS authentication on Cisco ISE 1.2 with AnyConnect Client SSL VPN. We will try to solve the problem of users having to select a VPN group at login by dynamically assigning them to a group-policy via Class RADIUS attribute. We will also attempt to enforce per-user ACL via the Downloadable ACL on ISE. This video is a counterpart of SEC0096 - ACS 5.4 AnyConnect VPN RADIUS Authentication and Authorization. Part 1 of this video provides overview of the lab setup and completes all required configuration on ISE.
Views: 20628 Lab Minutes
LabMinutes# SEC0113 - Cisco ISE 1.2 BYOD Wireless Onboarding Single SSID (Part 1)
 
17:12
Video Page http://www.labminutes.com/sec0113_ise_12_byod_onboarding_single_ssid_1 more ISE videos at http://www.labminutes.com/video/sec/ise The video walks you through Cisco ISE 1.2 configuration and demonstrates device onboarding as part of Bring Your Own Device (BYOD) concept. We will be exclusively covering wireless access with single SSID using Windows 7, iPhone, and Android as client devices. We will also looks at how users can manage their own devices through the MyDevices portal. This lab partially repeats our ISE 1.1 BYOD mini-series with emphasis on ISE 1.2. We will begin our configuration from scratch so you can observe the entire configuration steps. Part 1 of this video shows basic ISE basic configuration, SCEP, and client provisioning policies
Views: 18540 Lab Minutes
LabMinutes# SEC0159 - ASA FirePower FireSight System Installation
 
11:37
Video page: http://www.labminutes.com/sec0158_asa_firepower_service_installation more videos at http://www.labminutes.com/video/sec/ASA%20FirePower The video walks you through an installation procedure for Cisco FireSight System virtual appliance, and system configuration wizard to setup basic network parameters. We will have access to the FireSight web interface at the end of this video. Familiarity with VMware ESXi is recommended. Topic: - FireSight Virtual Appliance - VMware OVA Installation - System Configuration Wizard
Views: 53902 Lab Minutes
LabMinutes# SEC0096 - Cisco ACS 5.4 AnyConnect VPN RADIUS Authentication and Authorization
 
21:22
Video Page http://www.labminutes.com/sec0096_acs_anyconnect_vpn_radius_authentication_authorization more ACS videos at http://www.labminutes.com/sec/acs The video walks you through configuration of VPN RADIUS authentication on Cisco ACS 5.4 with AnyConnect Client SSL VPN. We will try to solve the problem of users having to select a VPN group at login by dynamically assigning them to a group-policy via Class RADIUS attribute. We will also attempt to enforce per-user ACL via the Downloadable ACL on the ACS. Topic: - Cisco AnyConnect Client SSL VPN - Network Device RADIUS - Device Filter - Policy Element - Authorization Profile - Downloadable ACL - RADIUS Class Attribute - Service Selection Rule - Access Services - Authentication Policy - Authorization Policy - RADIUS Attributes - ASA RADIUS Server and Default Tunnel Group
Views: 27334 Lab Minutes
LabMinutes# SEC0160 - ASA FirePower FireSight Basic Configuration (Part 1)
 
17:55
Video page http://www.labminutes.com/sec0160_asa_firepower_firesight_basic_configuration_1 more videos at http://www.labminutes.com/video/sec/ASA%20FirePower The video takes you through the first look of our freshly installed Cisco FireSight system web interface and shows recommended post-installation configuration including FireSight license install, Health Policy, System Policy, System Alerting, and System Updates. This will serves as a base configuration for our subsequent videos. Part 1 of this video goes through FireSight license install, Health Policy, and System Policy
Views: 46540 Lab Minutes
LabMinutes# SEC0087 - Cisco ACS 5.4 TACACS Device Admin on Switch and ASA (Part 2)
 
20:48
Video Page http://www.labminutes.com/sec0087_acs_tacacs_device_admin_switch_asa_2 more ACS videos at http://www.labminutes.com/sec/acs The video demonstrates TACACS+ configuration for Device Admin on Cisco ACS 5.4. We will go through the entire process of adding network devices, users, and building authentication and authorization policies. We will also look at basic AAA configuration on a Cisco switch and ASA firewall. We will use both local and AD users for testing and granting shell privilege 15 in this lab. Part 2 of this video shows switch and ASA configuration. The lab finishes with authentication testing. Topic: - Network Device and Network Device Group - Identity Group and User - Policy Element - Shell Profile - Service Selection Rules - Access Service - Authentication Policy - Authorization Policy - Switch and ASA AAA Configuration
Views: 16254 Lab Minutes
LabMinutes# SEC0088 - Cisco ACS 5.4 Shell Privilege and Command Authorization
 
20:40
Video Page http://www.labminutes.com/sec0088_acs_tacacs_shell_privilege_command_authorization more ACS videos at http://www.labminutes.com/sec/acs The video continues from our previous lab on TACACS+ Device Admin on Cisco ACS 5.4 to demonstrate an extended usage of shell privilege, and to support command authorization. We will attempt to enforce various privilege level and allowed command sets to both of our local and AD users. At the end of the lab, we will also look at how privilege level effects ability to configure an ASA on ASDM. Topic: - TACACS+ Shell Privileges and Command Authorization - Policy Element - Shell Profile - Command Set - Authorization Policy - Switch and ASA Authorization - ASA ASDM and Privilege Level
Views: 19362 Lab Minutes
LabMinutes# SEC0099 - Cisco ACS 5.4 Distributed Deployment
 
23:07
Video Page http://www.labminutes.com/sec0099_acs_distributed_deployment more ACS videos at http://www.labminutes.com/sec/acs The video demonstrates the process of setting up a distributed deployment on Cisco ACS 5.4. We will go through a secondary ACS registration, moving log collector role to a secondary ACS, failover testing, and promoting a secondary ACS to be a primary. Along the process, we will also verify MAR cache distribution that was configured in the previous labs, and note the caveat in the feature. Topic: - ACS Distributed Deployment - Secondary ACS Registration - Log Collector Role Change - ACS Failover - Secondary ACS Promotion
Views: 28404 Lab Minutes
LabMinutes# SEC0062 - Cisco ISE 1.1 Security Group Access (SGA) with ASA 9.1 TrustSec (Part 1)
 
15:08
more ISE video at http://www.labminutes.com/video/sec/ise The video demonstrates Cisco TrustSec support on Cisco ASA 9.1 with Cisco ISE. This lab is based on a 3750 switch that is not TrustSec hardware-capable but able to communicate IP-to-SGT mapping via SGT Exchange Protocol (SXP) to the ASA. We will be constructing an ACL based on SGT using the new Security object group. Cisco ISE will be mainly used to provide user authentication, SGT assignment, and the SGT-to-Name mapping to the ASA, although we will go over the remaining web interfaces for Security Group Access (SGA) and what you would need to configure to support the complete TrustSec implementation. In part 1, we will configure Cisco ISE policies to perform basic user authentication and assign SGT to user. Topic: - Security Group Access (SGA) - Security Group ACL (SGACL) - Security Group Tag (SGT) - SGT Exchange Protocol (SXP) - SGT-to-Name Mapping - Cisco TrustSec support on ASA 9.1 - SXP Config on a Switch and ASA - Security object Group
Views: 9961 Lab Minutes
LabMinutes# RS0026 - Cisco Nexus 1000V SPAN and ERSPAN
 
15:52
more Nexus 1000V videos at http://www.labminutes.com/video/rs/Nexus%201000V The video demonstrates how to perform packet capture on Cisco Nexus 1000V with SPAN and ERSPAN. SPAN allows traffic on the same ESXi host as the packet capture machine to be captured, while ERSPAN allows the packet capture machine to be on a different ESXi from a source or even multiple layer 3 hops away. We uses FTP as a sample application in this lab. Topic includes - SPAN - ERSPAN
Views: 7845 Lab Minutes
LabMinutes# SP0015 - Cisco MPLS VPN with BGP Route Reflector (Part 1)
 
11:36
Video page http://www.labminutes.com/sp0015_mpls_vpn_bgp_route_reflector_1 more MPLS videos at http://www.labminutes.com/video/sp/mpls Route reflector can be used in MPLS VPN to increase network scalability and routing manageability similarly to IPv4 BGP. This video demonstrates configuration of a route reflector in Cisco MPLS VPN. We will closely look at how a route reflector should be incorporated in a design and its placement choices. The lab also contains a special scenario of load balancing traffic to a site with dual connections, and advance exercises on route filter and Route Target rewrite. Part 1 of this video goes over a configuration of a route reflector
Views: 6216 Lab Minutes
LabMinutes# SEC0040 - Cisco ISE 1.1 Profiling, Probing, and MAC Address Bypass (Part 1)
 
23:04
more ISE video at http://www.labminutes.com/video/sec/ISE The video introduces you to the concept of device profiling and MAC Address Bypass (MAB) on Cisco ISE. We will start by going through different type of probing, how devices get profiled with Profiling policies, and how to create an Endpoint Identity Group for the profiled devices to be used in authorization policies. Static MAC address and Identity Group will be configured for devices that cannot be profiled. Cisco IP Phone and Access Point will be used in our demonstration. Part 1 of the video covers device probing, profiling and, static MAC address. Topic: - Profiling - Probing - MAC Address Bypass (Wired) - Endpoint Identity Group - Downloadable ACL - Authorization Profile
Views: 22859 Lab Minutes
LabMinutes#SEC0014 - Manual Certificate Install and SCEP on Cisco Router and ASA Windows 2008 CA
 
19:24
more at http://www.labminutes.com The video demonstrates how to install a SSL certificate on Cisco router and ASA firewall manually and via SCEP. Windows 2008 running Enterprise CA server is used in this lab to provide auto-enrollment. For manual enrollment, a Certificate Signing Request (CSR) is created on a network device and submitted to the CA through web enrollment. The issued certificate is then imported to the device. SCEP, on the other hand, automates the enrollment process into a single command through HTTP transaction given the CA is reachable to the devices. The installed certificate will be used for certificate authentication in our subsequent labs. Topic includes - Manual Certificate Installation on Cisco Router - SCEP Certificate Installation on Cisco Router and ASA
Views: 9230 Lab Minutes
LabMinutes# SEC0038 - Cisco ISE 1.1 802.1X Switch and WLC Recommended Config (Part 1)
 
27:35
more ISE video at http://www.labminutes.com/video/sec/ISE Cisco Identity Services Engine Network Component Compatibility, Release 1.1.x http://www.cisco.com/en/US/docs/security/ise/1.1.1/compatibility/ise_sdt.html The video presents you with Cisco recommended switch and Wireless LAN Controller (WLC) configuration to interoperate with Cisco ISE. Most configurations are for enabling 802.1X and RADIUS, while the remaining (eg. SNMP, DHCP etc) are for providing additional information as part of ISE device profiling. Here we use a Cisco 3750 and vWLC in our demonstration, and we will also add them to Network Device. The video closes by going through the switch configuration validator. Part 1 of the video covers switch configurations. Topic: - ISE Recommended 802.1X Switch Configuration - ISE Recommended WLC Configuration - Network Devices Group - Network Devices - ISE Configuration Validator
Views: 37194 Lab Minutes
LabMinutes# RS0009 - Cisco Virtual Router Redundancy Protocol (VRRP) Configuration
 
12:21
more at http://www.labminutes.com The video demonstrates VRRP configuration on two routers providing an IP gateway. Failover behavior caused by interface object tracking is observed. We also review VRRP packet captured on Wireshark. VRRP serves the same purpose as HSRP with minor differences: one being a standard protocol, hence it would be a protocol of choice for inter-operability with other vendors. Topic includes - Basic VRRP Configuration - VRRP priority and preempt - VRRP MD5 authentication - VRRP Interface Object Tracking - VRRP Packet Analysis
Views: 10509 Lab Minutes
LabMinutes#SEC0010 - Cisco ACS 5.x (5.1 5.2 5.3) VMware Installation
 
17:48
more at http://www.labminutes.com The video walks you through an installation of Cisco ACS 5.x (we use 5.3 for our demonstration) VMware version. We will guide you step-by-step through the installation process. At the end of this lab, you should have a working ACS server that you can use for RADIUS and TACACS+ authentication in future labs. No configuration, other than the setup process, is performed in this video. The video assumes that you have basic working knowledge of VMware ESXi.
Views: 28671 Lab Minutes
LabMinutes# SEC0044 - Cisco ISE 1.1 Wireless 802.1X and Machine Authentication with PEAP
 
21:11
more ISE video at http://www.labminutes.com/video/sec/ISE The video walks you through configuration of wireless 802.1X using PEAP on Cisco ISE. We will look how to configure authentication and authorization policies to support both user and machine authentication, how to restrict network access with DACL, and how to use Machine Access Restriction (MAR) to correlate user and machine sessions to ensure a user can access the network only from a domain (corporate) computer. We will perform testing from domain, non-domain computers, and iPhone and observe the authentication results. Topic: - User and Machine Authentication with PEAP - Policy Element Condition Authorization (Compound Condition) - Policy Element Result Authentication (Allowed Protocol) Authorization (Authorization Profile) - Wireless LAN Controller ACL - Authentication Policy - Authorization Policy
Views: 16409 Lab Minutes
LabMinutes# SEC0094 - Cisco ACS 5.4 Wireless 802.1X PEAP EAP-TLS with Machine Auth (Part 1)
 
08:27
Video Page http://www.labminutes.com/sec0094_acs_wireless_dot1x_peap_eap_tls_machine_authentication_1 more ACS videos at http://www.labminutes.com/sec/acs The video shows you how to configure wireless 802.1X on Cisco ACS 5.4 using PEAP and EAP-TLS. We will perform both machine and user authentications, and enforce successful machine authentication using Machine Access Restriction (MAR). We will introduces MAR Cache distribution, which is a feature introduced in ACS 5.4. For authentication, we will attempt both using AD login credential (PEAP) and client-based certificate (EAP-TLS). Part 1 of the video focuses on configuration on the ACS. Topic: - ACS Wireless 802.1X with PEAP and EAP-TLS - Machine Access Restriction/Distribution - Certificate Authentication Profile - Identity store Sequences - Policy Element - Authorization Profile - Airespance Name ACL - Service Selection Rule - Access Services - Authentication Policy - Authorization Policy - RADIUS Attributes - WLC SSID Configuration - Windows 7 Wireless 802.1X Network Settings
Views: 33024 Lab Minutes
LabMinutes# SEC0086 - Cisco ACS 5.4 TACACS Device Admin on Switch and ASA (Part 1)
 
15:56
Video Page http://www.labminutes.com/sec0086_acs_tacacs_device_admin_switch_asa more ACS videos at http://www.labminutes.com/sec/acs The video demonstrates TACACS+ configuration for Device Admin on Cisco ACS 5.4. We will go through the entire process of adding network devices, users, and building authentication and authorization policies. We will also look at basic AAA configuration on a Cisco switch and ASA firewall. We will use both local and AD users for testing and granting shell privilege 15 in this lab. Part 1 of this video focuses on configurations on the ACS server. Topic: - Network Device and Network Device Group - Identity Group and User - Policy Element - Shell Profile - Service Selection Rules - Access Service - Authentication Policy - Authorization Policy - Switch and ASA AAA Configuration
Views: 44105 Lab Minutes
LabMinutes# WL0001 - Cisco Virtual Wireless LAN Controller (vWLC) 7.3 VMware Installation
 
24:57
more at http://www.labminutes.com Link: http://www.labminutes.com/blog0003_vwlc_7.3_installation_caveats The video demonstrates installation of a virtual Wireless LAN Controller (vWLC). We will step through the configuration starting from the creation of a virtual machine all the way to enabling evaluation license, having an access point join the controller and a user connects to a SSID. There will be mentions of certain requirements needed for successful configuration. We recommend basic knowledge of VMware ESXi before viewing this video. Topic includes - vWLC creation version 7.3 - vWLC configuration of remote console access - vWLC evaluation license - Access point registration
Views: 60226 Lab Minutes
LabMinutes# SP0009 - Cisco MPLS VPN PE-CE with OSPF (Part 1)
 
22:05
Video page http://www.labminutes.com/sp0009_mpls_vpn_pe_ce_ospf_1 more MPLS videos at http://www.labminutes.com/video/sp/mpls The video demonstrates configuration of OSPF as PE-CE routing protocol in Cisco MPLS VPN. In addition to basic OSPF configuration, we will go through more advance scenarios of dualed-home site and sites with a backdoor link, and try to understand how a use of Sham Link can prevent a backdoor link from being preferred over MPLS, and how Down-Bit and how Domain Tag can prevent learnt routes from being re-advertised out of the site. We will also look at the Domain ID and the affect that it has on OSPF LSA type. Part 1 of this video goes over basic OSPF configuration on PE and CE routers
Views: 2733 Lab Minutes
LabMinutes# SP0030 - Cisco MPLS Multicast VPN (Part 1)
 
12:45
Video page http://www.labminutes.com/sp0030_mpls_multicast_vpn_1 more MPLS videos at http://www.labminutes.com/video/sp/mpls The video introduces you to Cisco MPLS multicast VPN. We will first go through some theories behind the technology to give you a big picture of configuration steps that will be involved and familiarize you with essential terminologies. The configuration begins at global multicast, of which we will use Source-Specific Multicast (SSM), and followed by Default-MDT and Data-MDT configuration. During configuration, we will provide tips and point out anything that you might need to pay attention to. We will be testing using both Dense and Sparse modes at the client sites. Wireshark packet capture will be performed throughout this lab to help you place the theories into practice, and understand the structure of the multicast packets. Part 1 of this video goes over configuration of global multicast routeing and SSM
Views: 9742 Lab Minutes
LabMinutes# SEC0116 - Cisco SSL VPN ASA Certificate Install
 
17:45
Video page http://www.labminutes.com/sec0116_ssl_vpn_asa_certificate_install more videos at http://www.labminutes.com/video/sec/SSL%20VPN The video get you started on SSL VPN on Cisco ASA with certificate installation. You will learn how to generate a Certificate Signing Request (CSR) on the ASA, submit it to your Certificate Authority (CA), and import the signed certificate back to the ASA. Installing a trusted certificate should be your first step of implementing SSL VPN to save users from unnecessarily encountering certificate warnig.
Views: 21643 Lab Minutes
LabMinutes# SEC0005 - Cisco DMVPN Spoke Interesting Traffic and Per-Tunnel QoS Configuration
 
15:39
more DMVPN video at http://www.labminutes.com/video/sec/DMVPN The first half of the video shows you how to specify an interesting traffic that will cause a DMVPN spoke-to-spoke tunnel to be initiated, and utilized. In the second half, we will look at an ability to configure per-tunnel QoS from hub to spokes using NHRP group. Sometimes, it might be desirable to allow spokes to communicate directly to one another for only certain type of traffic, for example VOIP to minimize latency, while still routing other applications through hub for access control. Conventionally, having a single tunnel interface at the DMVPN hub allows only one QoS policy to be applied outbound to spokes. With NHRP 'map group' feature, you are able to group spokes with similar requirements together and apply unique QoS policy per group, while the policy actually takes effect on per-spoke basis. Topic includes - DMVPN interesting traffic matching for Spoke-to-Spoke tunnel - DMVPN per-tunnel QoS policy
Views: 4563 Lab Minutes
LabMinutes# RS0113 - SDA Fundamental
 
04:25
Full videos are available at http://www.labminutes.com/store/cisco-sda-video-bundle
Views: 3005 Lab Minutes
LabMinutes# SEC0046 - Cisco ISE 1.1 Wireless 802.1X and Machine Authentication with EAP-TLS
 
15:30
more ISE video at http://www.labminutes.com/video/sec/ISE The video walks you through configuration of wireless 802.1X using EAP-TLS on Cisco ISE. We will look how to configure authentication and authorization policies to support both user and machine authentication, how to restrict network access with DACL, and how to use Machine Access Restriction (MAR) to correlate user and machine sessions to ensure a user can access the network only from a domain (corporate) computer. We will perform testing from both domain, non-domain computers, and iPhone, and observe the authentication results. Topic: - Certificate Profile (Common Name) - Identity Source Sequence - User and Machine Authentication with EAP-TLS - Policy Element Condition Authorization (Compound Condition) - Policy Element Result Authentication (Allowed Protocol) Authorization (Authorization Profile) - Authentication Policy - Authorization Policy
Views: 15005 Lab Minutes
LabMinutes# SEC0036 - Cisco ISE 1.1 Device Admin RADIUS Authorization
 
17:49
more ISE video at http://www.labminutes.com/video/sec/ISE The video walks you through how to configure Cisco ISE to provide device admin authorization via RADIUS. We will look at how to restrict access on a Cisco switch based on group membership of both AD user group and local Identity Group. In addition, we will attempt to automatically assign shell privilege level using RADIUS attribute at user login. Topic - Device admin authorization based on group (local and AD) membership - Policy Element (Authorization Condition) - Policy Element (Authorization Profile) - RADIUS Attribute for Privilege 15 - 'aaa authorization exec'
Views: 9511 Lab Minutes

iphone dating apps 2014
auckland dating website
dating ring boston
iphone dating apps
online dating free site