Course Overview
The 5-day Aruba ClearPass Configuration course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. The course includes both instructional modules and labs to teach participants about the major features in the ClearPass portfolio. Participants learn how to setup ClearPass as an AAA server and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, the course covers integration with external Active Directory servers, monitoring and reporting, as well as deployment best practices. The student gains insight into configuring authentication with ClearPass on both wired and wireless networks.
Who should attend
Ideal candidates include network professionals who need to build foundational knowledge of the ClearPass product portfolio.
Prerequisites
There are no formal pre-requisites, however it is advisable for students to have the following skills prior to attending this course:
- Familiarity with networking
- Familiarity with basics of networking security concepts
Course Objectives
Upon successful completion of this course, students should be able to:
- Implement a ClearPass network access solution
- Design and apply effective services and enforcement in ClearPass
- Troubleshoot a ClearPass solution
Outline: Aruba ClearPass Configuration (CPC)
Introduction to ClearPass
- BYOD
- High level overview
- Posture and profiling
- Guest and Onboard
AAA
- Policy service rules
- Authentication, authorization and roles
- Enforcement policy and profiles
External Devices
- Network access devices
- Messaging services
- External context servers
Endpoint Profiling
- Introduction to profiling
- Profiling collectors
External Collectors and Profilers
- Roles and enforcement
- Services
- Enforcing ClearPass roles
Configuring Services
- Service selection rules
- Creating services
Configuring Web Services
- Content Manager
- Skins
- Web page editor
Guest Authentication
- Captive portal process
- Web logins
- Guest accounts
- Guest access with MAC authentication
Guest Access Self-Registration
- Self-registration experience
- Configuring self-registration
- Self-registration process
Wired Authentication
- Wired access
- Wired enforcement
- Profiling on wired ports
Downloadable User Roles (DUR)
- Requirements for DUR
- DUR enforcement profiles
Dynamic Segmentation
- What is dynamic segmentation?
- How it works
- Configuring dynamic segmentation
OnGuard Configuration
- Postures and posture policies
- OnGuard aAgent
- Monitoring OnGuard
OnGuard in Enforcement
- OnGuard workflow
- OnGuard enforcement
Onboard Provisioning
- Configuring certificate authorities
- Portal setup
- Configuring services
Onboard Administration
- Managing certificates
- Managing users and devices
- Certificate revocation and OCSP
Administrative Operations
- Licenses
- Certificates
- Updates and upgrades
- Gathering logs
ClearPass Cluster
- Cluster structure
- Policy Manager zones
- High availability
Administrative Access
- Admin access to NADs
- Admin access to Policy Manager
- Guest operator logins
Insight Reports
- Alerts
- Reports
- Administration