Cisco DoD Comply-to-Connect (C2C)

In this Cisco DoD Comply-to-Connect (C2C) comprehensive, hands-on course has an exploration of Cisco C2C (Cisco-to-Cisco) security integrations and Cisco Identity Services Engine, focusing on identity-driven access control, endpoint visibility, compliance enforcement, and ecosystem integrations. It is designed for network and security professionals who need to implement and operate advanced identity-based security solutions across complex enterprise environments. The course progresses from foundational concepts into advanced design, integration, and operational troubleshooting.

Students begin by examining Cisco Identity-Based Networking Services and Cisco ISE architecture and deployment models, establishing a strong foundation in how authentication, authorization, and accounting are enforced across wired and wireless networks. The curriculum then advances into policy configuration, PKI and certificate-based authentication, endpoint profiling, and posture compliance, emphasizing how identity, device context, and security posture drive dynamic access decisions.

The course also explores real-world C2C use cases and third-party integrations with platforms such as Tenable, MECM, and Trellix, demonstrating how external security and endpoint intelligence enhances policy enforcement. Cisco TrustSec and TACACS+ device administration modules extend identity-based control into segmentation and infrastructure access management. Extensive hands-on labs reinforce each topic, preparing students to deploy, integrate, and troubleshoot enterprise-grade Cisco ISE and C2C solutions with confidence.

• Define DoD C2C, including its steps and alignment with ISE features/functions and Zero Trust
• Describe Cisco Identity-Based Networking Services
• Describe the Cisco Identity Services Engine
• Explain Cisco ISE deployment
• Describe Cisco ISE policy enforcement components
• Describe Cisco ISE policy configuration
• Explain PKI fundamentals, technology, components, roles, and software supplicants
• Describe the Cisco ISE profiler service
• Configure endpoint compliance
• Configure client posture services
• Describe profiling best practices and reporting
• Describe the four main use cases within C2C
• Explain the purpose and the configuration of integrating Cisco ISE with Tenable
• Describe the purpose and benefits of integrating Cisco ISE with MECM
• Describe the purpose and benefits of integrating Cisco ISE with Trellix
• Troubleshoot Cisco ISE policy and third-party NAD support
• Describe Cisco ISE TrustSec configurations
• Configure Cisco ISE device administration

This training is a Department of Defense mandate, ensuring compliance with cybersecurity protocols and procedures. The target audience includes individuals seeking the knowledge and skills involved in deploying, operating, and verifying Cisco DoD C2C network architecture, such as: 

• Network Security Engineers
• Network Administrators
• Security Administrators

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are: 

• Familiarity with 802.1X
• Familiarity with Microsoft Windows Operating Systems
• Familiarity with Cisco IOS CLI for wired and wireless network devices
• Familiarity with Cisco Identity Service Engine

These skills can be found in the following Cisco Learning Offering:     

• Implementing and Configuring Cisco Identity Services Engine (SISE) 

COURSE OUTLINE

Module 1: C2C Fundamentals  

Module 2: Cisco Identity-Based Networking Services    

Module 3: Introducing Cisco ISE Architecture  

Module 4: Introducing Cisco ISE Deployment  

Module 5: Introducing Cisco ISE Policy Enforcement Components   

Module 6: Introducing Cisco ISE Policy Configuration   

Module 7: PKI and Advanced Supplicants  

Module 8: Introducing the Cisco ISE Profiler   

Module 9: Introducing Cisco ISE Endpoint Compliance Services  

Module 10: Configuring Client Posture Services and Compliance  

Module 11: Introducing Profiling Best Practices and Reporting  

Module 12: C2C Use Cases  

Module 13: C2C Third-Party Integrations—Tenable 

Module 14: C2C Third-Party Integrations—MECM 

Module 15: C2C Third-Party Integrations—Trellix 

Module 16: Troubleshooting Cisco ISE Policy and Third-Party NAD Support  

Module 17: Exploring Cisco TrustSec  

Module 18: Working with Network Access Devices 

LAB OUTLINE

• Initial Configuration and Certificate Usage
• Integrate Cisco ISE with Active Directory
• AAA Policy for MAB
• AAA Policy for 802.1X
• TEAP on Windows
• Cisco ISE Profiling Configuration
• Profiling Customization
• Cisco ISE Compliance Services
• Client Provisioning
• Posture Policies
• Compliance-Based Access
• Profiling Reports
• DISA Reports
• Certificate-Based Authentication for Cisco ISE Administration
• Cisco TrustSec
• TACACS+ Basic Device Administration
• TACACS+ Command Authorization