Confidentiality, Integrity, Authenticity, Nonrepudiation
Authenticity and Nonrepudiation
Example Algorithm: DES and 3DES
Asymmetric Encryption Application: Authentication
Asymmetric Encryption Application: Encryption
Device Configuration: Certificates
Chapter 2 Understanding PKI Building Blocks
Subordinate Certification Authorities (Sub-CA)
Endpoint Entities: Users and Devices
Microsoft Windows Certificate Stores
Standards of Interests (ITU-T, PKCS, and ISO)
Chapter 3 PKI Processes and Procedures
Certificate Expiration and Renewal
Certificate Verification and Enforcement
Online Certificate Status Protocol
Certificate Authority Resiliency
Issues When Importing Key Pairs
Certificate Use and Validation
Basic Design with Flat CA Architecture
Hierarchical Architecture Without Chaining
Hierarchical Architecture with Chaining
Chapter 6 Integration in Large-Scale Site-to-Site VPN Solutions
How Do VPN Technologies Use PKI as a Service?
IKE Using Digital Certificates
PKI Design and Leading Practices
DMVPN with Hub-and-Spoke Model
DMVPN Integration with PKI Using a Spoke-to-Spoke Model
DMVPN Migration from Preshared Authentication to Digital Certificates
GETVPN PKI Design and Leading Practices
GETVPN Deployment with Dual Key Servers and Dual Subordinate CAs
PKI Troubleshooting with VPN Examples
Chapter 7 Integration in Remote Access VPN Solutions
Deploying IPsec VPN Remote Access on the ASA
Cisco VPN Client Using Digital Certificates
Troubleshooting the AnyConnect Solution
Chapter 8 Using 802.1X Certificates in Identity-Based Networking
EAP-TLS: Certificate-Based 802.1x
Step 1: Enroll ACS in the Certificate Authority
Step 2: Add the CA in the Identity Store
Step 3: Add AD as an External Database
Step 4: Configure a Certificate Authentication Profile
Step 5: Add an Access Service for 802.1x
Step 6: Configure the Access Service Identity Policy
Step 7: Configure Service Selection Rule
Chapter 9 PKI in Unified Communications
Manufacturer Installed Certificate (MIC)
Call Authentication and Encryption
Software and Configuration Security
802.1x and Network Admission Control
Chapter 10 Understanding Cisco Virtual Office
Chapter 11 Deploying VPNs with PKI Using Cisco Security Manager
Cisco ASA IPsec VPN Remote Access
Deploying IPsec VPN Remote Access on the ASA Using CSM