active directory

The video walks you through configuration of wired 802.1X on Cisco ISE 3.0. We will configure authentication and authorization policies to support user and machine authentications and enforce Machine Access Restriction (MAR) using Windows Native Supplicant. DACL and VLAN will be assigned to authorized endpoints. A test will be performed on both EAP-TLS and PEAP.

The video walks you through configuration of wired 802.1X on Cisco ISE 3.0. We will configure authentication and authorization policies to support user and machine authentications and enforce Machine Access Restriction (MAR) using Windows Native Supplicant. DACL and VLAN will be assigned to authorized endpoints. A test will be performed on both EAP-TLS and PEAP.

The video walks you through configuration of wired 802.1X on Cisco ISE 3.0. We will configure authentication and authorization policies to support user and machine authentications and enforce Machine Access Restriction (MAR) using Windows Native Supplicant. DACL and VLAN will be assigned to authorized endpoints. A test will be performed on both EAP-TLS and PEAP.

The video shows how you can leverage Active Directory database for your ISE 1.3 administrative login. We will create two different sets of admin permission and assign them to users accordingly to their AD group membership. Users will have limited access to ISE menu options and data according to our policy configuration.

The video shows you how to leverage an existing Active Directory database for administrative user login on Cisco ASA FireSight System. We will go through configuration of LDAP integration, and usergroup-to-role mapping. You will be able to limit access to FireSight web interface based on your user job function.

The video demonstrates Cisco ISE 1.3 capability to integrate with multiple Active Directory forest/domains. We will be joining our ISE deployment to three domains: two participate in two-way trust, and one being untrusted, and try to understand how a user is searched through different domains, and how search scope can be limited. We will also look at feature enhancements such as identity rewrite, user test authentication, diagnostic tool, and scope mode. At the end, we will see how an AD join point appear under Identity Source Sequence.

The video demonstrates Cisco ISE 1.3 capability to integrate with multiple Active Directory forest/domains. We will be joining our ISE deployment to three domains: two participate in two-way trust, and one being untrusted, and try to understand how a user is searched through different domains, and how search scope can be limited. We will also look at feature enhancements such as identity rewrite, user test authentication, diagnostic tool, and scope mode. At the end, we will see how an AD join point appear under Identity Source Sequence.

The video demonstrates how you can leverage user identity information within Cisco ASA FirePower and FireSight System as part of User Network Discovery. We will utilize AD User Agent to obtain user-to-IP mapping, and integrate to Active Directory to obtain user and group information. This information can be used to tie user identity to network traffic as well as including them in Access Control rules for access enforcement

The video demonstrates how you can leverage user identity information within Cisco ASA FirePower and FireSight System as part of User Network Discovery. We will utilize AD User Agent to obtain user-to-IP mapping, and integrate to Active Directory to obtain user and group information. This information can be used to tie user identity to network traffic as well as including them in Access Control rules for access enforcement

The video walks you through an installation of Cisco Context Directory Agent (CDA) server. We will start by prepping a non-domain admin service account for CDA to use to contact Windows Active Directory. We will then step through a virtual machine creation, software installation and patching. We will also spend some time on the CDA web interface. By the end of the lab, we will be able to have CDA monitor user AD login activities and create user-to-IP mapping information that we will leverage in the future videos.