ARUBA TRAINING

Course Overview
Duration: 3 Days

Using lectures and labs, the 3-day Scalable WLAN Design and Implementation (SWDI) course builds upon concepts introduced in the Implementing Aruba WLANs course. SWDI covers content enabling the student to understand and implement advanced topics included in Aruba's firewall features such as policy design, authentication and role derivation. Additionally, it covers subject material for building complex networks using Aruba's Remote APs and multi-controller environments based upon the Campus WLAN Reference Architecture 3.3 for network design and redundancy.
Who should attend?

Network engineers with more than a single controller in the network
Prerequisites

* Aruba Certified Mobility Associate (ACMA) certification required
* Implementing Aruba WLANs course recommended
* Ability to provision an Aruba controller with multiple SSIDs, captive portal and 802.1X

Course Contents
This course covers the following topics:

* Review of Aruba infrastructure
    o Initial controller setup lab

* Advanced Firewall
    o Basic firewall review
    o Detailed policy discussion
    o Policy creation
    o Assigning policies to AP groups
    o Understanding the valid user ACL
    o Client blacklisting
    o Protecting wired ports 
    o Aruba ACLs
    o Global firewall policy
    o Aliases and destinations
    o Bandwidth contracts
    o Lab - common protocol policy for all users 
    o Lab - client blacklist policy for guest users
    o Lab - assigning ACLs to wired ports to protect the management interface
    o Lab - creating and assigning bandwidth contracts to users
    o Authentication, roles, and derivation
    o User role review
    o Fail through and fall through
    o AAA FastConnect
    o FQDN RADIUS
    o Machine authentication
    o User rule role derivation
    o Server rule role derivation
    o Troubleshooting roles, and derivation
    o Lab - enabling AAA FastConnect
    o Lab - management user role creation and policy assignment
    o Lab - server side role derivation
    o Lab - encryption based role derivation
* Wired Access
    o Secure Jack
    o Wired Multiplexers
    o Configuring Secure Jack operation
    o Lab - Configuring secure jack " RAP

* RAP review
    o Forwarding modes
    o Configuring bridge mode
    o Configuring split tunnel
    o Redundancy operation modes
    o Hotel connect
    o Server redundancy
    o Slow link support
    o IKE PSK refresh
    o RAP provisioning review
    o Lab - Configuring split tunnel policy
    o Lab - Applying split tunnel policy to users in the RAP AP group
    o Lab - Configuring hotel connect
    o Lab - Provisioning RAP APs " Master/local operation

* Master/local benefits
    o Inter-controller IPSec
    o Controller specific AP Groups
    o Lab - Reprovisioning controllers for master/local operation using the Setup Wizard
    o Lab - Reprorvisioning APs for master/local operation

* Mobility
    o 802.11 mobility review
    o L2 vs. L3 mobility
    o Understanding mobility domains
    o Configuring mobility domains
    o VLAN pooling
    o Lab - Configure L3 mobility and the home agent table

* Master redundancy
    o Understanding master redundancy
    o Configuring master redundancy and VRRP
    o Lab - Configuring master redundancy and VRRP

* Local redundancy
    o Understanding N+1 redundancy
    o Understanding active-active redundancy using VRRP
    o Lab - Configuring local redundancy using active-active and VRRP

 * Wireless intrusion prevention
    o L1 attacks
    o L2 attacks
    o Management of IDS events
    o Rogue AP detection, location, and containment
    o Lab - Air monitor group creation and provisioning
    o Lab - Rogue containment

Ga terug naar het overzicht