IT Training

Implementing and Configuring Cisco Identity Services Engine (SISE)

The Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 course shows you how to deploy and use Cisco® Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration.

Who should attend this course?

Network security engineers, ISE administrators, Wireless network security engineers, Cisco integrators and partners

Prerequisites

It is recommended, but not required, to have the following skills and knowledge before attending this course:

Familiarity with the Cisco IOS® Software command-line interface (CLI)
Familiarity with Cisco AnyConnect® Secure Mobility Client
Familiarity with Microsoft Windows operating systems
Familiarity with 802.1X

Upon completion of this course, you will be able to:

Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages.
Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services.
Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization.
Describe third-party network access devices (NADs), Cisco TrustSec®, and Easy Connect.
Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios.
Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment.
Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution.
Describe the value of the My Devices portal and how to configure this portal.
Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE.
Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the authentication, authentication, and accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols.
Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool.

Section 1: Introducing Cisco ISE Architecture and Deployment

Using Cisco ISE as a Network Access Policy Engine
Cisco ISE Use Cases
Describing Cisco ISE Functions
Cisco ISE Deployment Models
Context Visibility
Discovery 1: Access the SISE Lab and Install ISE 2.4
Discovery 2: Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage

Section 2: Cisco ISE Policy Enforcement

Using 802.1X for Wired and Wireless Access
Using MAC Authentication Bypass for Wired and Wireless Access
Introducing Identity Management
Configuring Certificate Services
Discovery 3: Integrate Cisco ISE with Active Directory
Introducing Cisco ISE Policy
Discovery 4: Configure Cisco ISE Policy
Implementing Third-Party Network Access Device Support
Introducing Cisco TrustSec
TrustSec Configuration
Easy Connect
Discovery 5: Configure Access Policy for Easy Connect

Section 3: Web Auth and Guest Services

Introducing Web Access with Cisco ISE
Introducing Guest Access Components
Configuring Guest Access Settings
Discovery 6: Configure Guest Access
Configure Sponsor and Guest Portals
Discovery 7: Configure Guest Access Operations
Discovery 8: Create Guest Reports

Section 4: Cisco ISE Profiler

Introducing Cisco ISE Profiler
Profiling Deployment and Best Practices
Discovery 9: Configure Profiling
Discovery 10: Customize the Cisco ISE Profiling Configuration
Discovery 11: Create Cisco ISE Profiling Reports

Section 5: Cisco ISE BYOD

Introducing the Cisco ISE BYOD Process
Describing BYOD Flow
Configuring the My Devices Portal
Configuring Certificates in BYOD Scenarios
Discovery 12: Configure BYOD
Discovery 13: Blacklisting a Device

Section 6: Cisco ISE Endpoint Compliance Services

Introducing Endpoint Compliance Services
Discovery 14: Configure Cisco ISE Compliance Services
Configuring Client Posture Services and Provisioning
Discovery 15: Configure Client Provisioning
Discovery 16: Configure Posture Policies
Discovery 17: Test and Monitor Compliance Based Access
Discovery 18: Test Compliance Policy

Section 7: Working with Network Access Devices

Review AAA
Cisco ISE TACACS+ Device Administration
Configure TACACS+ Device Administration
TACACS+ Device Administration Guidelines and Best Practices
Migrating from Cisco ACS to Cisco ISE
Discovery 19: Configure Cisco ISE for Basic Device Administration
Discovery 20: Configure TACACS+ Command Authorization

Practical information

Duration

5 Days

Languages

EN

Price

€3495,00 + 3% VAT

Location

Online Classroom Courses

Schedule

Guaranteed to run

Sessions in English

09/1 - 13/1Book

06/3 - 10/3Book

17/4 - 21/4Book

05/6 - 09/6Book

04/9 - 08/9Book

Share this course on

You might also be interested in

Cisco

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

09/1 - 13/1, 06/3 - 10/3, 17 ...

The Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 gives you the knowledge you need to install, configure, operate,…

Cisco

Implementing Cisco Enterprise Wireless Networks (ENWLSI)

13/2 - 17/2, 08/5 - 12/5, 07 ...

Designing Cisco Enterprise Wireless Networks (ENWLSD) v1.0 is a 5-day course that introduces wireless engineers to concepts they need to…

Cisco

Implementing Secure Solutions with Virtual Private Networks (SVPN)

09/1 - 13/1, 27/2 - 03/3, 22 ...

The Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 course teaches you how to implement, configure, monitor, and support…

Cisco

Securing Email with Cisco Email Security Appliance (SESA)

13/03 - 16/03, 29/08 - 31/08

The Securing Email with Cisco Email Security Appliance (SESA) v3.1 course shows you how to deploy and use Cisco® Email…

Prerequisite test

Take the test

Looking for a tailor made solution?

Get started with personal training