The Implementing Aruba Network Security (IANS) course covers intermediate security concepts and prepares candidates to take the exam to achieve Aruba Certified Networking Security Professional (ACNSP) certification. This course helps admins use the Aruba portfolio to implement Zero Trust Security (ZTS) and protect their networks from threats. It explains how to configure Aruba network infrastructure and ClearPass solutions to authenticate and control both wired and wireless users, as well as remote users on a client-to-site VPN. The course further explains how to collect a variety of contextual information on ClearPass Policy Manager (CPPM) and implement advanced role mapping and enforcement policies. The course also covers using ClearPass Device Insight to enhance visibility. Learners will learn how to set up features such as the ArubaOS-CX Network Analytics Engine (NAE), Aruba Wireless Intrusion Detection System/Intrusion Prevention System (WIDS/WIPS), and Aruba gateway IDS/IPS, as well as how to investigate alerts.
Prerequisites to this course
Aruba recommends that the candidate has attended the Aruba Network Security Fundamentals course prior to attending this professional level course or has equivalent experience and knowledge of network security fundamentals.
Target audience
Network engineer responsible for implementing security controls on enterprise networks. Candidate can describe the network security stack (firewall, proxy, remote access, IDS/IPS, access control, NTA, UEBA).
List of subjects
Aruba Security Strategy & ClearPass Fundamentals
Explain Aruba Zero Trust Security
Explain how Aruba solutions apply to different security vectors
Deploy Trusted Certificates to Aruba Solutions
Describe PKI dependencies
Set up appropriate certificates & trusted root CAs on CPPM
Implement Certificate-Based 802.1x
Deploy AAA for WLANs with ClearPass Policy Manager (CPPM)
Deploy certificate based authentication for users and devices
Implement Advanced Policies one the Role-Based ArubaOS Firewall
Deploy AAA for WLANs with ClearPass Policy Manager (CPPM)
Define and apply advanced firewall policies
Evaluate Endpoint Posture
Evaluate different endpoint postures
Implement a Trusted Network Infrastructure
Set up secure authentication and authorization of network infrastructure managers, including Advanced TACACS+ authorization and Multi-factor authentication
Secure L2 and L3 protocols, as well as other protocols such as SFTP
Implement 802.1X and Role-Based Access Control on AOS-CX
Deploy AAA for wired devices using ClearPass Policy Manager (CPPM), including local and downloadable roles
Explain Dynamic Segmentation, including its benefits and use cases
Deploy Dynamic Segmentation using VLAN steering
Configure 802.1X authentication for APs
Implement Dynamic Segmentation on AOS-CX Switches
Explain Dynamic Segmentation, including its benefits and use cases
Deploy Dynamic Segmentation, including User-based tunneling (UBT) and Virtual network-based tunneling (VNBT)
Monitor with Network Analytics Engine (NAE)
Deploy and use Network Analytics
Engine (NAE) agents for monitoring
Implement WIDS/WIPS
Explain the Aruba WIPS and WIDS technology
Configure AP rogue detection and mitigation
Use CPPM and Third-Party Integration to Mitigate Threats
Describe log types and levels and use the CPPM Ingress Event Engine to integrate with third-party logging solutions
Set up integration between the Aruba infrastructure and CPPM, allowing CPPM
Implement Device Profiling with CPPM
Explain benefits and methods of endpoint classification on CPPM, including active and passive methods
Deploy and apply endpoint classification to devices
Analyze endpoint classification data on CPPM to identify risks
Introduction to ClearPass Device Insight
Define ClearPass Device Insight (CPDI)
Analyze endpoint classification data on CPDI
Deploy ClearPass Device Insight
Define and deploy ClearPass Device Insight (CPDI)
Analyze endpoint classification data on CPDI
Integrate CPDI with CPPM
Integrate ClearPass Policy Manager (CPPM) and ClearPass Device Insight (CPDI)
Mitigate threats by using CPDI to identify traffic flows and apply tags and CPPM to take actions based on tags
Use Packet Captures To Investigate Security Issues
Perform packet capture on Aruba infrastructure locally and using Central
Interpret packet captures
Establish a Secure Remote Access
Explain VPN concepts
Describe the Aruba 9×00 Series Gateways
Design and deploy remote VPNs using Aruba VIA
Configure Aruba Gateway IDS/IPS
Describe the Aruba 9×00 Series Gateways
Define and apply UTM policies
Use Central Alerts to Investigate Security Issues
Investigate Central alerts
Recommend action based on the analysis of Central alerts
The price for this course excludes any costs for taking an exam. If an exam voucher is taken after the training, an additional invoice will be sent.
Not satisfied? You will get your money back without questions, without explanation. We want you to be always satisfied. Read more about money back guarantee.
Always certification guarantee via LAI CertProtect
If an employee leaves your organization within 6 months of a training, you can register another employee for the same training free of charge. This way you protect your investment! Read more about LAI CertProtect.
Always the best teachers
LAI has experienced and certified teachers who understand the art of explaining difficult topics in a fun and understandable way. Our teachers are still active in the professional field as consultants on a daily basis.
Always comprehensive advice
Courses and certifications can be complicated. Let our certification experts create a training program for your employees free of charge.
What our students tell us:
{
Very interesting training for Apple professionals. Delivered in a very smooth and pleasant way.
5
Astrid Desmet
Apple Service Engineer
Lab9
{
It was another fantastic experience! Just the way I'm used to from LAI. Always good! The flexibility regarding on location and from home is great too!
5
Desmond Klumpkens
Technical Consultant
Copaco Nederland B.V.
{
Interesting training and very knowledgeable trainer. I have followed the training in hybrid form and it works perfectly. Also the interaction with the other students and trainer.
5
Dènis Wegh
Network Consultant
PQR
{
One of the best trainings I ever had - If not the best! Hans did a really good job at presenting everything in a timely fashion. Really enjoyed it! Can´t recommend any suggestions for improvements, Hans and the LAI Team did a really good job!
Peter is a very skilled patient trainer with a lot of knowledge, also outside the course and is willing to go deeper into this and find out at the request of the participants.
5
Lien Monden
Network Engineer
VanRoey.be
{
As always fantastic training. Thanks!
5
Allan Willoughby
Technology Professional
ConoScenza
{
Very good training and highly recommended, good handout material.
5
Harry Willemsen
Senior Technical Consultant
Ingram Micro
{
Good information and a very enthusiastic and energetic trainer with a lot of knowledge about the material.
5
Marco Kok
User Support Analyst
TUI Netherlands
{
Good training with excellent instructor. The acquired knowledge can immediately be used in your daily job.
5
Aad Schulte
Network Engineer
Axians
{
I have been a student at LAI since 1998, the reason for that is that all of LAIs instructors have had an extensive knowledge of the subjects but also been able to present the material in a way that has been both interesting and engaging for me as a student. I also like the learingenvironment provided, where students are encouraged to share real life technical problems and solutions.
5
Sverre Sørensen
Chief Engineer
Norwegian Directorate of Education
{
Top trainer, nice atmosphere, nice that drinks are always available. In terms of content, a lot of relevant matters are handled more in depth.
5
Koen Vermeire
Network Consultant
Orange Cyberdefence
{
Valuable, direct relevance to daily work, a lot of added value (also / especially by trainer)
5
Johan Lam
Technical Consultant
Axians
{
Great. Glad there are real books.
5
Rob Boel
Account Support Manager
HPE
{
Nice training, Hans told it interestingly. Glad we had real books.
5
Erik Bloemink
Network Engineer
Axians
LAI in numbers
30.000+
students
9.6
customer satisfaction
100%
money back guaranteed
1987
more than 30 years of experience
Questions about this course
If you have any questions about this training, please contact us via [email protected], +31 10 2042220 or via the “get in touch” form below. After we have processed your registration, you will receive a registration confirmation and an invoice that can be paid by bank transfer or credit card.
This website uses cookies. By continuing to browse the site, you are agreeing to our use of cookies. CloseRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.