Practical NAC Workshop
RCCE students will learn network access control architectures including 802.1X authentication, RADIUS/TACACS+ integration, device posture assessment, guest networking, and network segmentation enforcement. RCCE students will learn to design and deploy NAC solutions that enforce access policies based on user identity, device health, and location, configure pre-admission and post-admission controls, implement remediation workflows for non-compliant devices, troubleshoot NAC authentication failures, detect and respond to NAC bypass attempts, integrate NAC with endpoint management platforms, and maintain NAC policies as organizational requirements evolve. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. At an expert level, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Practical NAC Workshop
- Design a scalable privilege management architecture with policy and enforcement, including enterprise NAC solutions.
- Execute hands-on tasks for deployment & operations — covering pre/post-admission controls.
- Execute hands-on tasks for troubleshooting & defense — covering Debug 802.1X authentication failures.
- Build detections and response workflows for privilege escalation, including Respond to NAC policy violations.
- Execute hands-on tasks for network access control — covering Policy-based access enforcement, BYOD explosion increases risk surface.
- Execute hands-on tasks for why nac matters — covering Policy-based access enforcement.
- Explain NAC Architecture Overview fundamentals
- Execute hands-on tasks for auth server
- Execute hands-on tasks for policy store
- Execute hands-on tasks for data plane components — covering Network switches with 802.1X support.
- Execute hands-on tasks for control plane components — covering AAA server (RADIUS/TACACS+).
- Design a scalable privilege management architecture with policy and enforcement, including Sits in traffic path, and Separate from data path.
| Module 01 | Architecture & Design |
| Module 02 | Deployment & Operations |
| Module 03 | Troubleshooting & Defense |
| Module 04 | Incident Response |
| Module 05 | Network Access Control |
| Module 06 | Why NAC Matters |
| Module 07 | NAC Architecture Overview |
| Module 08 | Auth Server |
| Module 09 | Policy Store |
| Module 10 | Data Plane Components |
| Module 11 | Control Plane Components |
| Module 12 | NAC Deployment Models |
| Module 13 | Inline NAC |
| Module 14 | Out-of-Band NAC |
All hands-on labs run on Rocheston Rose X OS. Students practice practical nac workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Design a scalable privilege management architecture with policy and enforcement
- Lab 2: Execute hands-on tasks for deployment & operations
- Lab 3: Execute hands-on tasks for troubleshooting & defense
- Lab 4: Build detections and response workflows for privilege escalation
- Lab 5: Execute hands-on tasks for network access control
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Practical NAC Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI