-
Cisco Duo is a cloud-based security solution for multi-factor authentication (MFA) that helps companies to protect access to their systems, especially in the course of Zero Trust Network Access (ZTNA). With Cisco Duo, users can be securely authenticated using a combination of a password and a second factor, such as a mobile device. The solution is easy to implement and user-friendly, which promotes rapid adoption. Cisco Duo also provides comprehensive visibility and control over access by providing detailed reporting and monitoring capabilities. By integrating with existing IT infrastructures, Cisco Duo improves security and reduces the risk of unauthorized access. With its user-friendly app and intuitive admin dashboard, Cisco Duo is not only a popular platform for MFA but also for other important solutions such as Passwordless, SSO and Cloud Authentication.
-
Course Contents
-
- Standards and platforms for identity and authentication systems
- Web Authentication, FIDO2 [WebAuthN + CTAP2] and OpenID Connect (OIDC)
- Introduction to Cisco Duo
- Licensing & Packages
- User administration in Cisco Duo
- Integration of Cisco Duo into networks
- Cisco Duo Gateway & Cisco DuoConnect
- Sync Directory
- Cisco Duo Proxy (LDAP/Radius)
- VPN integration
- Monitoring and best practices
- Fallback and Disaster Recovery
- Single Sign-on Cisco Duo Central
- Tutorials
The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.
Premium Course Documents
In addition to the digital documentation package, the exclusive Premium Print Package is also available to you.
- High-quality color prints of the ExperTeach documentation
- Exclusive folder in an elegant design
- Document pouch in backpack shape
- Elegant LAMY ballpoint pen
- Practical notepad
The Premium Print Package can be added during the ordering process for € 150,- plus VAT (only for classroom participation).
-
Target Group
-
The course is aimed at security, IAM and VPN administrators.
-
Knowledge Prerequisites
-
Knowledge of networking and classic authentication protocols such as RADIUS is required. Prior attendance of the training courses Network Access Control with Cisco ISE - IEEE 802.1X, Guest Access and Trust Sec or SISE - Implementing and Configuring Cisco Identity Services Engine guarantees optimal preparation.
Please note that multiple authentication is required in this course in order to use the lab environment. For this purpose, the Cisco Duo app must be installed on your smartphone for the duration of the course.
| 1 | Standards und Plattformen für Identitäts- und Authentisierungssysteme |
| 1.1 | Web Authentication |
| 1.1.1 | FIDO2 [WebAuthN + CTAP2] |
| 1.2 | OpenID Connect (OIDC) |
| 1.3 | oAuth |
| 1.3.1 | oAUTH vs OIDC |
| 1.4 | Unified Identity |
| 1.5 | Passwort-loses Authentisieren |
| 1.5.1 | OTP (One Time Password) |
| 1.6 | Risikobasierte Authentisierung |
| 1.7 | Angriffe weiterhin möglich |
| 2 | Einführung in Cisco Duo |
| 2.1 | Hintergrund und Entwicklungsüberblick |
| 2.1.1 | Infrastruktur |
| 2.1.2 | IP Kommunikation mit der DUO Cloud |
| 2.1.3 | Vielseitige Integration |
| 2.1.4 | API & SDK |
| 2.2 | Wichtige Funktionen: |
| 2.3 | Komponenten und ihre Rollen |
| 2.4 | Licensing & Packages |
| 3 | Benutzerverwaltung und DUO Integration im Netzwerk |
| 3.1 | Admins |
| 3.2 | Benutzererstellung und -Verwaltung |
| 3.2.1 | Tokens |
| 3.3 | Gruppen und Richtlinien definierenn. |
| 3.4 | Policies |
| 3.4.1 | Policy Bestandteile |
| 3.5 | DUO DeskTop & Trusted Endpoints |
| 3.5.1 | Trusted Endpoints |
| 3.5.2 | Multi-Faktor-Authentisierung LAB |
| 3.6 | Sync Directory |
| 3.6.1 | DUO Proxy (LDAP/Radius) |
| 3.6.2 | VPN-Integration: LAB2 |
| 4 | Überwachung und Best Practices |
| 4.1 | DUO Cloud Status |
| 4.1.1 | Dienst-Ausfall |
| 4.2 | Protokollierung und Ereignisüberwachung |
| 4.3 | Erstellung von Berichten & LAB3 |
| 4.4 | Weitere Features und Best Practices |
| 4.4.1 | Fall-back und Disaster Recovery |
| 4.4.2 | Verhalten der App im Ausfall |
| 5 | SSO und ZTNA |
| 5.1 | DUO Gateway & Duo Connect |
| 5.1.1 | SingleSign On Duo-Central |
| 5.1.2 | SSO Config |
| 5.2 | ZTNA / VPN-Less Remotezugriff |
| 5.2.1 | DNG Integration |
| 5.3 | DNG High-Availability |
| A | Cisco Duo Übungen- Guide |
| A.1 | Netzwerktopologie |
| A.2 | Kostenlosen DUO Account Erstellen |
| A.3 | Prompt, Logo und Name anpassen |
| A.4 | Web App Anmeldung schützen |
| A.4.1 | Test Client Vorbereitung |
| A.4.2 | User Enrollment |
| A.5 | Duo Policies |
| A.6 | DUO Desktop App & Checks |
| A.7 | Local AD Sync mit Duo |
| A.7.1 | Users anlegen |
| A.7.2 | AD Test mit VPN Remote-Zugriff |
| A.7.3 | AD Kopplung an DUO |
| A.7.4 | AD-User DUO-App-Enrollment |
| A.8 | LDAP Proxy für die VPN Authentisierung |
| A.9 | Bonus Lab: (OTP) Passcode |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
You can find the complete description of this course with dates and prices ready for download at as PDF.-
Cisco Duo is a cloud-based security solution for multi-factor authentication (MFA) that helps companies to protect access to their systems, especially in the course of Zero Trust Network Access (ZTNA). With Cisco Duo, users can be securely authenticated using a combination of a password and a second factor, such as a mobile device. The solution is easy to implement and user-friendly, which promotes rapid adoption. Cisco Duo also provides comprehensive visibility and control over access by providing detailed reporting and monitoring capabilities. By integrating with existing IT infrastructures, Cisco Duo improves security and reduces the risk of unauthorized access. With its user-friendly app and intuitive admin dashboard, Cisco Duo is not only a popular platform for MFA but also for other important solutions such as Passwordless, SSO and Cloud Authentication.
-
Course Contents
-
- Standards and platforms for identity and authentication systems
- Web Authentication, FIDO2 [WebAuthN + CTAP2] and OpenID Connect (OIDC)
- Introduction to Cisco Duo
- Licensing & Packages
- User administration in Cisco Duo
- Integration of Cisco Duo into networks
- Cisco Duo Gateway & Cisco DuoConnect
- Sync Directory
- Cisco Duo Proxy (LDAP/Radius)
- VPN integration
- Monitoring and best practices
- Fallback and Disaster Recovery
- Single Sign-on Cisco Duo Central
- Tutorials
The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.
Premium Course Documents
In addition to the digital documentation package, the exclusive Premium Print Package is also available to you.
- High-quality color prints of the ExperTeach documentation
- Exclusive folder in an elegant design
- Document pouch in backpack shape
- Elegant LAMY ballpoint pen
- Practical notepad
The Premium Print Package can be added during the ordering process for € 150,- plus VAT (only for classroom participation).
-
Target Group
-
The course is aimed at security, IAM and VPN administrators.
-
Knowledge Prerequisites
-
Knowledge of networking and classic authentication protocols such as RADIUS is required. Prior attendance of the training courses Network Access Control with Cisco ISE - IEEE 802.1X, Guest Access and Trust Sec or SISE - Implementing and Configuring Cisco Identity Services Engine guarantees optimal preparation.
Please note that multiple authentication is required in this course in order to use the lab environment. For this purpose, the Cisco Duo app must be installed on your smartphone for the duration of the course.
| 1 | Standards und Plattformen für Identitäts- und Authentisierungssysteme |
| 1.1 | Web Authentication |
| 1.1.1 | FIDO2 [WebAuthN + CTAP2] |
| 1.2 | OpenID Connect (OIDC) |
| 1.3 | oAuth |
| 1.3.1 | oAUTH vs OIDC |
| 1.4 | Unified Identity |
| 1.5 | Passwort-loses Authentisieren |
| 1.5.1 | OTP (One Time Password) |
| 1.6 | Risikobasierte Authentisierung |
| 1.7 | Angriffe weiterhin möglich |
| 2 | Einführung in Cisco Duo |
| 2.1 | Hintergrund und Entwicklungsüberblick |
| 2.1.1 | Infrastruktur |
| 2.1.2 | IP Kommunikation mit der DUO Cloud |
| 2.1.3 | Vielseitige Integration |
| 2.1.4 | API & SDK |
| 2.2 | Wichtige Funktionen: |
| 2.3 | Komponenten und ihre Rollen |
| 2.4 | Licensing & Packages |
| 3 | Benutzerverwaltung und DUO Integration im Netzwerk |
| 3.1 | Admins |
| 3.2 | Benutzererstellung und -Verwaltung |
| 3.2.1 | Tokens |
| 3.3 | Gruppen und Richtlinien definierenn. |
| 3.4 | Policies |
| 3.4.1 | Policy Bestandteile |
| 3.5 | DUO DeskTop & Trusted Endpoints |
| 3.5.1 | Trusted Endpoints |
| 3.5.2 | Multi-Faktor-Authentisierung LAB |
| 3.6 | Sync Directory |
| 3.6.1 | DUO Proxy (LDAP/Radius) |
| 3.6.2 | VPN-Integration: LAB2 |
| 4 | Überwachung und Best Practices |
| 4.1 | DUO Cloud Status |
| 4.1.1 | Dienst-Ausfall |
| 4.2 | Protokollierung und Ereignisüberwachung |
| 4.3 | Erstellung von Berichten & LAB3 |
| 4.4 | Weitere Features und Best Practices |
| 4.4.1 | Fall-back und Disaster Recovery |
| 4.4.2 | Verhalten der App im Ausfall |
| 5 | SSO und ZTNA |
| 5.1 | DUO Gateway & Duo Connect |
| 5.1.1 | SingleSign On Duo-Central |
| 5.1.2 | SSO Config |
| 5.2 | ZTNA / VPN-Less Remotezugriff |
| 5.2.1 | DNG Integration |
| 5.3 | DNG High-Availability |
| A | Cisco Duo Übungen- Guide |
| A.1 | Netzwerktopologie |
| A.2 | Kostenlosen DUO Account Erstellen |
| A.3 | Prompt, Logo und Name anpassen |
| A.4 | Web App Anmeldung schützen |
| A.4.1 | Test Client Vorbereitung |
| A.4.2 | User Enrollment |
| A.5 | Duo Policies |
| A.6 | DUO Desktop App & Checks |
| A.7 | Local AD Sync mit Duo |
| A.7.1 | Users anlegen |
| A.7.2 | AD Test mit VPN Remote-Zugriff |
| A.7.3 | AD Kopplung an DUO |
| A.7.4 | AD-User DUO-App-Enrollment |
| A.8 | LDAP Proxy für die VPN Authentisierung |
| A.9 | Bonus Lab: (OTP) Passcode |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
You can find the complete description of this course with dates and prices ready for download at as PDF.
Hybrid Training
Trainer language German