HPE | H38GHS | Aruba ClearPass Advanced Configuration | Skip to main Content

Aruba ClearPass Advanced Configuration

  • Course Code H38GHS
  • Duration 5 days
  • Version Rev.22.43

Course Delivery

Virtual Learning Price

eur3,600.00

excl. VAT

Request Group Training Add to Cart

Jump to:

Course Delivery

This course is available in the following formats:

  • Public Classroom

    Traditional Classroom Learning

  • Virtual Learning

    Learning that is virtual

Request this course in a different delivery format.

Course Overview

Top

This course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This course includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to set up ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Schedule

Top

Contact us for dates

Request Group Training Dates in Other Countries

Target Audience

Top
  • Network Security Experts
  • Individuals who implement network access control solutions.
  • Network managers with Aruba access device experience (wired & wireless).
  • Network administrators who already own a ClearPass solution and are looking to deploy advanced features.
Show me more

Course Objectives

Top

After you successfully complete this course, expect to be able to:

  • Design a ClearPass cluster
  • Design a High availability solution with Virtual IP address following the best practices
  • Describe Public Key Infrastructure and certificate format types
  • Plan the certificates used by ClearPass
  • Explain how Enrollment over Secure Transport can automate the certificate generation process
  • Leverage RADIUS services to handle corporate wireless connections
  • Deploy WEBAUTH services to handle health checks
  • Describe the proposed RADIUS services that handles guest wireless connections
  • Explain general guest considerations
  • Design guest RADIUS services
  • Describe the proposed Onboard services
  • Describe the MPSK feature
  • Leverage these features in your deployment
  • Plan a successful wired access deployment
  • Provide administrative access control to ClearPass modules and NADs
  • Generate custom reports and alerts
Show me more

Course Content

Top

Network Requirements

  • ClearPass Goals
  • Network Topology
  • List of available resources
  • Scenario Analysis
  • Authentication requirements
  • Multiple user account databases
  • User Account attributes
  • High Level Design

PDI and Digital Certificates

  • Certificate Types
  • PKI
  • Certificate Trust
  • Certificate File Formats
  • ClearPass as CA
  • Certificate Use cases:
    • EAP
    • HTTPS
    • Service-based certificates
    • Onboarding
    • Clustering
    • RadSec
    • NAD Captive Portal
  • Installing Certificates
  • Enrollment over Secure Transport

Cluster Design

  • ClearPass Server Placement
  • Determine the layout of the Cluster
  • High-Availability Schema
  • Design High-Availability
  • VIP Failover
  • VIP Mapping
  • Insight Primary and Secondary

Network Integration

  • Authentication Sources
    • Local User Repository
    • Endpoint Repository
    • Admin User Repository
    • Guest User Repository
    • Guest Device Repository
    • Onboard Device Repository
    • Active Directory
    • SQL Server
  • Define External Servers
    • Unified Endpoint Management
    • Email Server
  • Endpoint Profiling
    • IF-MAP
    • Active Scans (SNMP)
    • DHCP
    • HTTPS
  • Network Devices
    • RadSec
    • Dynamic Authorization
    • Logging of RADIUS Accounting
    • Device-groups
    • Location Attributes
  • Policy Simulation

Corporate Access Design

  • Define the Requirements
  • High-level design
  • Services Design
  • Plan TIPs Roles
  • User Authentication
  • Machine Authentication
  • Tunneled EAP, EAP-TLS and Protected EAP
  • One versus Multiple Services
  • Plan Enforcement
  • Device-groups based Enforcement
  • Service Implementation
  • OnGuard Design and implementation
    • Quarantine users
    • Remediation
  • Onboard Design and implementation
    • User and device authorization
  • Informational Pages
  • Authorization validation
  • Troubleshooting Enforcement
  • Downloadable Roles 

Guest Access Design

  • Guest Network Design
  • Captive Portal Flow
  • Design Tasks
  • Define Web Pages
  • Guest Services Design
  • Guest Services
  • Guest Access Controls
  • Configure Network Access Devices
  • Guest Account Creation
  • Guest Self-Registration
  • Guest Sponsor Approval
  • Self-Registration AD Drop-Down List
  • Requirements for Guest Enforcement

Multi-Pre Shared Key

  • Define the Requirements
  • High-level design
  • Device authorization
  • Service Design and implementation

Wired Access

  • AAA configuration
  • 1X and MAC auth
  • Using client profiling for authorization
  • Using conflict attribute for authorization
  • User Roles configuration in ArubaOS-S
  • User Roles configuration in ArubaOS-CX
  • Web Redirection
  • Multi-Service Ports
  • Downloadable User Roles Enforcement Profiles
  • Downloadable User Roles Configuration and Validation

Administrative Access

  • TACACs+ based NAD administration
  • TACACs+ command Authorization
  • Policy Manager Administrators
  • Guest and Onboard Operators
  • Register devices for MPSK
  • Insight Operators
  • Insight Reports and Alerts
Show me more

Course Prerequisites

Top
  • Any current Aruba ClearPass certification.
  • Aruba ClearPass Configuration course.
Show me more

We Care About Your Privacy

We are using cookies to give you the best experience on our site. Cookies are files stored in your browser and are used by most websites to help personalise your web experience. By continuing to use our website without changing the settings, you are agreeing to our use of cookies.

About your Privacy

We process your data for purposes such as delivering content or advertisements and measuring the delivery of such content or advertisements to extract insights about our website. We may share this information with our partners. Cookies set by Global Knowledge are labelled “first party”; you may exercise your preferences in relation to first party cookies by toggling the switch for each first party cookie category below. The remaining cookies are third party cookies; you may exercise your preferences in relation to each purpose by toggling the relevant switch below or by vendor by clicking “List of IAB Vendors.” These choices will be signaled globally to other websites participating in the Transparency and Consent Framework.
Privacy Statement

Necessary Cookies

These are cookies that are required for the Global Knowledge website to function and cannot be switched off in our systems. They include, for example, cookies that enable you to use a shopping cart or log into the booking area of our website.

Analytics Cookies

Analytics cookies are an optional but important part of our website's functionality. They help us to understand how you interact with our site by collecting and reporting information anonymously. The data collected by analytics cookies is used to improve the website's performance and enhance the user experience. It is important to note that these cookies do not collect any personal information that can be used to identify you.

Preferences Cookies

These are optional and you can turn them off and on. Please only use 2 to 3 lines of text here and if needed link to a page with more cookie info in Intro.

Performance Cookies

These cookies allow us to recognise and count the number of visitors to our website, traffic sources and to see how website visitors move around the website when they are using it. This helps us to improve the way the website works and improve your website experience. All information these cookies collect is aggregated and therefore anonymous.

Cookie Control toggle icon