ClearPass Configuration (CPC)

The 5-day Aruba ClearPass Configuration course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This course includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to set up ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks.


Prerequisites to this course

A minimum of 1 to 2 years of experience in rolling out network solutions in a professional environment. We recommend that you have at least an understanding of the basics of ACL’s and firewall rules.


Target audience

This five-day Clearpass course is ideal for network professionals who want to build up their basic knowledge of the ClearPass product portfolio. This course is also great for network administrators looking to learn more about the ClearPass product they have purchased, as well as for engineers and technicians wanting to implement a ClearPass solution.


List of subjects

Intro to Clearpass

  • BYOD
  • High Level Overview
  • Posture and Profiling
  • Guest and Onboard

ClearPass for AAA

  • Policy Service Rules
  • Authentication Authorization and Roles
  • Enforcement Policy and Profiles

Authentication and Security Concepts

  • Authentication Types
  • Servers
  • Radius COA
  • Active Directory
  • Certificates

Intro to NAD

  • NAD Devices
  • Adding NAD to ClearPass
  • Network Device Groups
  • Network Device Attributes
  • Aruba Controller as NAD
  • Aruba Switch
  • Aruba Instant

Monitoring and Troubleshooting

  • Monitoring
  • Troubleshooting
  • Logging
  • Policy Simulation

ClearPass Insight

  • Insight Dashboard
  • Insight Reports
  • Insight Alerts
  • Insight Search
  • Insight Administration
  • Insight Replication

Active Directory

  • Adding AD as Auth Source
  • Joining AD domain
  • Using AD services

External Authentication

  • Multiple AD domains
  • LDAP
  • Static Host Lists
  • SQL Database
  • External Radius Server

Guest

  • Guest Account creation
  • Web Login pages
  • Guest Service configuration
  • Self-registration pages
  • Configuring NADS for Guest
  • Guest Manager Deep Dive
  • Web Login Deep Dive
  • Sponsor Approval
  • MAC Caching

OnBoard

  • Intro to Onboard
  • Basic Onboard Setup
  • Onboard Deepdive
  • Single SSID Onboarding
  • Dual SSID Onboarding

Profiling

  • Intro to Profiling
  • Endpoint Analysis Deep Dive

Posture

  • Intro to Posture
  • Posture Deployment Options
  • OnGuard Agent Health Collection
  • OnGuard workflow
  • 802.1x with Posture using Persistent/dissolvable agent
  • OnGuard web Login
  • Monitoring and Updates

Operations & Admin Users

  • Operations
  • Admin Users

Clustering & Redundancy

  • Clustering
  • Redundancy
  • LAB

Licensing

  • ClearPass Licensing
  • Base License
  • Applications

Clearpass Exchange

  • Intro
  • Examples
  • General HTTP Palo Alto Firewall
  • Configuration

Case Study

  • Objectives
  • Discussion
  • Advanced Labs Overview

Wired Port Authentication

  • 802.1X for access layer switch ports
  • Profiling on Wired Network
  • Configuration of Dynamic Segmentation

Aruba Downloadable User Roles

  • Downloadable User Role Enforcement in ClearPass
  • Aruba Controller/Gateway configuration
  • Aruba Switch configuration
  • Troubleshooting