No
Yes
View More
View Less
Working...
Close
OK
Cancel
Confirm
System Message
Delete
Schedule
An unknown error has occurred and your request could not be completed. Please contact support.
Scheduled
Wait Listed
Personal Calendar
Participant
Conference Event
Meeting
Interest
There aren't any available sessions at this time.
Conflict Found
This session is already scheduled at another time. Would you like to...
Loading...
Please enter a maximum of {0} characters.
{0} remaining of {1} character maximum.
Please enter a maximum of {0} words.
{0} remaining of {1} word maximum.
must be 50 characters or less.
must be 40 characters or less.
Session Summary
On-demand Library
Cisco Live Session Videos and Presentations Listing
Online Events
Upcoming Cisco Live events
Social Networking
Connect with Cisco Live
Solutions Center
Cisco Live Conference Exhibitors
Prizes
Cisco Live Survey
In-person Events
http://www.ciscolive.com/global/?cid=CLO-global
Cisco Live Milan 2014
http://www.ciscolive.com/emea/?cid=CLO-EU
Event Details
http://www.ciscolive.com/emea/details/?cid=CLO-EU
Scheduler
https://www.ciscolivemilan.com/connect/publicDashboard.ww?cid=CLO-EU
Social Media
http://www.ciscolive.com/emea/social-networking/?cid=CLO-EU
Cisco Live Melbourne 2014
http://www.cisco.com/web/ANZ/cisco-live/index.html
Cisco Live San Francisco 2014
http://www.ciscolive.com/us?cid=CLO-US
Event Details
http://www.ciscolive.com/us/details/?cid=CLO-US
Scheduler (Live Jan 13)
https://www.ciscolive2014.com/connect/publicDashboard.ww?cid=CLO-US
Social Media
http://www.ciscolive.com/us/attendees/social-networking/?cid=CLO-US
Cisco Live Cancun
http://www.cisco.com/web/MX/ciscolive2013/
Log in to access thousands of sessions on cloud, BYOD, data center, and more!
Join now to access free content from global Cisco Live conferences.
Add to My Interests
Add to My File Queue
Remove From My Interests
Remove from my File Queue
Incomplete Account Information
You have not yet completed your account information. Would you like to do so now?
Edit Account Now
Ignore
  File Download Queue
Search Catalog

Aaron Woland

Sr. Secure Access Engineer , Cisco

Speaker Bio

Aaron Woland, CCIE No. 20113, is a Senior Secure Access Engineer at Cisco Systems, Inc., and works with Cisco’s Largest Customers all over the world. His primary job responsibilities include Secure Access and Identity deployments with ISE, solution enhancements, standards development, and futures. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards, and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a Consultant and Technical Trainer. His areas of expertise include network and host security architecture and implementation, regulatory compliance, as well as route-switch and wireless. Aaron is the author of Cisco ISE for BYOD and Secure Unified Access book (Cisco Press), and many published white papers and design guides. Aaron is one of only six members of the Hall of Fame for Distinguished Speakers at Cisco Live, and is a security columnist for Network World where he blogs on all things related to Identity. His other certifications include: GHIC, GSEC, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, CCDP and many other industry certifications.

Speaker Sessions

Advanced ISE and Secure Access Deployment (2013 Melbourne) Speaker(s): Aaron Woland

2011 and 2012 have been very busy years with the adoption of Cisco¹s Identity Services Engine, with a comprehensive systems-approach to Network Access Control and Policy enforcement. This session will discuss the recommended deployment of Identity Services Engine (ISE) based on best-practices and lessons learned in the Field. At the end of this session, the attendee should have a strong understanding of how to deploy ISE with 802.1X for wired and wireless networks. We will examine the correct use of profiling probes to meet the needs of the policy, tips and tricks for successful staged roll-outs, Guest Services, Load Balanced Deployment and High-Availability (HA), Distributed Deployment Guidelines, and Bring Your Own Device (BYOD) policy logic. Note: this session will not cover all possible options for deployment, only best-practices, tips and tricks with the current state of the solution (ISE 1.2). This is an advanced session that assumes prior knowledge of 802.1X and ISE design basics. This session is intended for a technical audience of Network or Security Administrators and Engineers.

Advanced ISE and Secure Access Deployment (2013 London) Speaker(s): Aaron Woland

2011 and 2012 have been very busy years with the adoption of Cisco¹s Identity Services Engine, with a comprehensive systems-approach to Network Access Control and Policy enforcement. This session will discuss the recommended deployment of Identity Services Engine (ISE) based on best-practices and lessons learned in the Field. At the end of this session, the attendee should have a strong understanding of how to deploy ISE with 802.1X for wired and wireless networks. We will examine the correct use of profiling probes to meet the needs of the policy, tips and tricks for successful staged roll-outs, Guest Services, Load Balanced Deployment and High-Availability (HA), Distributed Deployment Guidelines, and Bring Your Own Device (BYOD) policy logic. Note: this session will not cover all possible options for deployment, only best-practices, tips and tricks with the current state of the solution (ISE 1.2). This is an advanced session that assumes prior knowledge of 802.1X and ISE design basics. This session is intended for a technical audience of Network or Security Administrators and Engineers. The audience will also benefit from following the sessions: BRKSEC-2022 "Demystifying TrustSec, Identity, NAC and ISE", BRKSEC-2691 "Session Aware Networking: IEEE 802.1X and Beyond", BRKSEC-2690 "Deploying Security Group Tags", TECSEC-3671 "Advanced ISE Deployment for Network Identity"

TrustSec and ISE Deployment Best Practices (2012 San Diego) Speaker(s): Aaron Woland

2011 and 2012 have been very busy years with the adoption of Cisco’s TrustSec System, a comprehensive systems-approach to Network Access Control and Policy enforcement. This session will discuss the recommended deployment of TrustSec and Identity Services Engine (ISE) based on best-practices and lessons learned in the Field. At the end of this session, the attendee should have a strong understanding of how to deploy ISE with 802.1X for wired and wireless networks. We will examine the correct use of profiling probes to meet the needs of the policy, tips and tricks for successful staged roll-outs, Guest Services, and even Bring Your Own Device (BYOD) policy logic. Note: this session will not cover all possible options for deployment, only best-practices, tips and tricks with the current state of the solution. This is an advanced session that assumes prior knowledge of 802.1X and ISE design basics. This session is intended for a technical audience of Network or Security Administrators and Engineers.

Identity Services: Integrating Posture, Profiling and Guest Services with 802.1x (2012 Melbourne) Speaker(s): Aaron Woland

This session will discuss challenges for identifying and applying network security policies based on user identity, device identity, and other attributes such as posture (the who, what, where, and how). This session will introduce a new solution to apply policy to 802.1x networks that can utilise information derived from 802.1X/guest authentication, profiling and device posture using the Cisco Identity Services Engine (ISE). Network Admission Control, posture assessment, and device profiling design and deployment options will be presented. AAA, identity, and guest service solutions using ISE will also be introduced. It is assumed that all those attending this session have a working knowledge of 802.1X.

Introduction to Trustsec (2012 Melbourne) Speaker(s): Aaron Woland

This introductory session will help demystify the technology behind the Cisco TrustSec Identity Based Networking Solutions. We'll build use cases that will introduce, compare, and contrast different access control features and solutions. The technologies that will be covered include user & device authorization, 802.1X, NAC Appliance, Profiling Technology, supplicant's, certificates/PKI, posture, CoA, RADIUS, EAP, Guest Access, Security Group Access (SGA), and 802.1ae (MacSec).

Demystifying TrustSec, Identity, NAC and ISE (2012 London) Speaker(s): Aaron Woland

This session will help demystify the technology behind the Cisco TrustSec Identity Based Networking Solutions. We will build use cases that will introduce, compare, and contrast different access control features and solutions. The technologies that will be covered include user and device authorization, 802.1X, NAC, Identity Services Engine (ISE), Profiling Technology, supplicants, certificates/PKI, posture, CoA, RADIUS, EAP, Guest Access, Security Group Access (SGA), and 802.1AE (MacSec). This session target Network and Security IT manager that need to implement the next Generation Unified Access Network.

Demystifying TrustSec, Identity, NAC and ISE (2012 San Diego) Speaker(s): Aaron Woland

This session will help demystify the technology behind the Cisco TrustSec Network Access Control System. We will build use cases that will introduce, compare, and contrast different access control features and solutions. The technologies that will be covered include user and device authorization, 802.1X, NAC, Identity Services Engine (ISE), Profiling Technology, Supplicants, certificates/PKI, Posture Assessment, CoA, RADIUS, EAP, Guest Access, Security Group Access (SGA), and 802.1AE (MacSec), and BYOD.

 

This session is intended for Network, Security and Systems Administrators, Engineers, and Management, hat need to implement the next Generation Unified Access Network.

 

Advanced ISE and Secure Access Deployment (2014 Milan) Speaker(s): Aaron Woland

2012 and 2013 have been very busy years with the adoption of Cisco¹s Identity Services Engine, with a comprehensive systems-approach to Network Access Control and Policy enforcement. This session will discuss the recommended deployment of Identity Services Engine (ISE) based on best-practices and lessons learned in the Field. At the end of this session, the attendee should have a strong understanding of how to deploy ISE with 802.1X for wired and wireless networks. We will examine the correct use of profiling probes to meet the needs of the policy, tips and tricks for successful staged roll-outs, Guest Services, Load Balanced Deployment and High-Availability (HA), Distributed Deployment Guidelines, and Bring Your Own Device (BYOD) policy logic. Note: this session will not cover all possible options for deployment, only best-practices, tips and tricks with the current state of the solution (ISE 1.2). This is an advanced session that assumes prior knowledge of 802.1X and ISE design basics. This session is intended for a technical audience of Network or Security Administrators and Engineers. The audience will also benefit from following the session:
TECSEC-3671 "Advanced ISE Deployment for Network Identity" and BRKSEC-2044  "Building an Enterprise Access Control Architecture with ISE"

Advanced ISE and Secure Access Deployment (2013 Orlando) Speaker(s): Aaron Woland

2011 and 2012 have been very busy years with the adoption of Cisco's Identity Services Engine (ISE), with a comprehensive systems-approach to Network Access Control and Policy enforcement. This technical session will discuss best-practice deployment as well as tips and tricks with Identity Services Engine (ISE) based on lessons learned in the field. At the end of this session, the attendee should have a stronger comfort level with the nuances related to deploying ISE with 802.1X for wired and wireless networks. We will examine the correct use of profiling probes to meet the needs of the policy, tips and tricks for successful staged roll-outs, Guest Services, Load Balanced Deployments and High-Availability (HA), Distributed Deployment Guidelines, and advancements in the industry related to Identity networking. Note: this session will not cover all possible options for deployment, only best-practices, tips and tricks with the current state of the solution (ISE 1.2). This is an advanced session that assumes prior knowledge of 802.1X and ISE design basics. This session is intended for a technical audience of Network or Security Administrators and Engineers. The audience will also benefit from following the sessions: BRKSEC-2022 ';Demystifying TrustSec, Identity, NAC and ISE';, BRKSEC-2691 ';Session Aware Networking: IEEE 802.1X and Beyond';, BRKSEC-2690 ';Deploying Security Group Tags';, TECSEC-3671 ';Advanced ISE Deployment for Network Identity';

Advanced ISE Services, Tips and Tricks (2014 San Francisco) Speaker(s): Aaron Woland

Cisco's Identity Services Engine (ISE) delivers context-based access control for every endpoint that connects to your network. This advanced session will focus on the advanced services of ISE, successful deployment strategies, integration with Cisco as well as third party network infrastructure, as well as deployment tips and tricks. We will examine best practices for Bring Your Own Device (BYOD) deployments with the most common mobile platforms, including multiple tiers of registered devices. We will perform a detailed examination of certificate usage including integration of ISE with your enterprise certificate authority (CA), endpoint certificate usage, and wildcard certificates. There will be a detailed examination of guest life-cycle management, including self-service and sponsored guest access models. Lastly, attendees will be introduced to troubleshooting and serviceability tips. Attendees will also benefit from the following related sessions: BRKSEC-3699 Designing ISE for Scale and High Availability, BRKSEC 2698 Building an Enterprise Access Control Architecture using ISE and TrustSec