Course Overview
This one-day course provides students with the knowledge to configure and monitor Juniper Mist™ Access Assurance. Key topics include the purpose of network access control (NAC), the Juniper Mist Access Assurance cloud architecture, Juniper Mist™ Edge authentication proxy, authentication, authorization, and accounting (AAA) components, 802.1X and Extensible Authentication Protocol (EAP) operations, RADIUS concepts, RadSec, authorization of 802.1X and non-802.1X devices, identity provider (IdP) integration, Juniper Mist Access Assurance authentication policies and methods, and integration with mobile device management (MDM).
The lab is based on Juniper Mist Access Assurance and Juniper® AP45 High-Performance Access Point.
Who should attend
This course is for individuals who are responsible for implementing and monitoring Juniper Mist Access Assurance
Prerequisites
- General understanding of TCP/IP
- General understanding of security concepts
- Completion of the Introduction to Juniper Mist AI (IJMA) course recommended, but not required
Course Objectives
After successfully completing this course, the students should be able to:
- Describe the purpose of and the need for network access control.
- Explain the Juniper Mist Access Assurance cloud architecture.
- Discuss third-party device support with Juniper Mist Edge authentication proxy.
- Describe common use cases with Juniper Mist Access Assurance.
- Discuss Juniper Mist Access Assurance best practices.
- List AAA components.
- Explain 802.1X operations.
- Discuss how the RADIUS protocol works.
- Describe RADIUS server attributes.
- Explain the functionality of RadSec.
- Discuss the Juniper Mist Access Assurance 802.1X certificate and password authentication methods.
- Explain how Juniper Mist Access Assurance can authenticate devices that don’t support 802.1X.
- Describe IdP integration with Juniper Mist Access Assurance.
- Explain how to configure Juniper Mist Access Assurance authentication policies with match labels and action labels.
- Discuss how to configure Juniper Mist Access Assurance authentication methods.
- Explain how to configure Juniper Mist Edge for the Juniper Mist authentication proxy function.
- Describe how to validate Juniper Mist Access Assurance access and authentication.
- Implement Juniper Mist Access Assurance with wired and wireless devices.
- Discuss Juniper Mist Access Assurance integration with MDM providers.
Course Content
Understanding Network Access Control
- Describe the components of network access control
- Explain the history of network access control
- Explain Juniper Mist Access Assurance
Juniper Mist Access Assurance Overview
- Explain the cloud architecture
- Explain Juniper Mist-managed devices and requirements
- Describe third-party device support
- Describe the client use cases of Juniper Mist Access Assurance
- Describe the best practices of Juniper Mist Access Assurance
802.1X Authentication
- Describe the components of AAA
- Describe 802.1X operations
- Describe the EAP operations
- Define the RADIUS protocol
Authentication and Authorization
- Explain 802.1X certificates and passwords
- Define IdP integration
- Explain non-802.1X devices
- Describe migration from legacy to IdP
Configuring Juniper Mist Access Assurance
- Describe authentication policy configuration
- Describe EAP-TLS configuration
- Describe EAP-TTLS configuration
- Describe MAB configuration
- Describe Juniper Mist authentication proxy configuration
Lab 1: Implementing Mist Active Assurance
Posture Compliance
- Explain posture compliance
- Describe Microsoft Intune integration
- Describe Jamf Pro integration
- Describe verifying compliance
Lab 1: Implementing Mist Active Assurance
