Implementing and Configuring Cisco Identity Services Engine (SISE)

This course discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Special Note: Course kits are available in digital format only. The digital version is designed for online use only, not for printing.

Retail Price: $3,995.00

Next Date: 12/10/2018

Course Days: 5


Enroll in Next Date

Request Custom Course


About this Course

This course discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Special Note: Course kits are available in digital format only. The digital version is designed for online use only, not for printing.

Audience Profile

The primary audience for this course is as follows:

  • ISE Administrators / Engineers
  • Wireless Administrators / Engineers
  • Consulting Systems Engineers
  • Technical / Wireless / BYOD / Security Solutions Architects
  • ATP partner systems and field engineers
  • Systems integrators who install and implement the Cisco Identity Service Engine v2.1

At Course Completion

Upon successful completion of this course, students should be able to meet these overall objectives:

  • Describe Cisco ISE architecture, installation, and distributed deployment options
  • Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE
  • Implement Cisco ISE web authentication and guest services
  • Deploy Cisco ISE profiling, posture, and client provisioning services
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • Configure device administration using TACACS+ in Cisco ISE

Prerequisites

It is recommended that students have the following prior to attending this course:

  • Familiarity with Cisco IOS CLI
  • Familiarity with Cisco ASA
  • Familiarity with Cisco VPN clients
  • Familiarity with MicroSoft Windows Operating Systems
  • Familiarity with 802.1x

Course Outline

Module 1: Introducing Cisco ISE Architecture and Deployment

  • Lesson 1: Using Cisco ISE as a Network Access Policy Engine
  • Lesson 2: Introducing Cisco ISE Deployment Models


Module 2: Cisco ISE Policy Enforcement

  • Lesson 1: Introducing 802.1x and MAB Access: Wired and Wireless
  • Lesson 2: Introducing Identity Management
  • Lesson 3: Configuring Certificate Services 
  • Lesson 4: Introducing Cisco ISE Policy
  • Lesson 5: Configuring Cisco ISE Policy Sets 
  • Lesson 6: Implementing Third-Party 
  • Lesson 7: Introducing Cisco TrustSec 
  • Lesson 8: Introducing EasyConnect


Module 3: Web Authentication and Guest Services

  • Lesson 1: Introducing Web Access with Cisco ISE
  • Lesson 2: Introducing ISE Guest Access Components
  • Lesson 3: Configuring Guest Access Settings
  • Lesson 4: Configuring Portals: Sponsors and Guests


Module 4: Cisco ISE Profiler

  • Lesson 1: Introducing Cisco ISE Profiler
  • Lesson 2: Configuring Cisco ISE Profiling


Module 5: Cisco ISE BYOD

  • Lesson 1: Introducing the Cisco ISE BYOD Process
  • Lesson 2: Describing BYOD Flow
  • Lesson 3: Configuring My Devices Portal Settings
  • Lesson 4: Configuring Certificates in BYOD Scenarios


Module 6: Cisco ISE Endpoint Compliance Services

  • Lesson 1: Introducing Endpoint Compliance
  • Lesson 2: Configuring Client Posture Services and Provisioning in Cisco ISE


Module 7: Cisco ISE with AMP and VPN-Based Services

  • Lesson 1: Introducing VPN Access Using Cisco ISE
  • Lesson 2: Configuring Cisco AMP for ISE


Module 8: Cisco ISE Integrated Solutions with APIs

  • Lesson 1: Introducing Location-Based Authorization
  • Lesson 2: Introducing Cisco ISE 2.x pxGrid


Module 9: Working with Network Access Devices

  • Lesson 1: Configuring TACACS+ for Cisco ISE Device Administration


Module 10: Cisco ISE Design

  • Lesson 1: Designing and Deployment Best Practices
  • Lesson 2: Performing Cisco ISE Installation and Configuration Best Practices
  • Lesson 3: Deploying Failover and High-Availability


Module 11: Configuring Third Party NAD Support

  • Lesson 1: Configuring Third-Party NAD Support


Lab Outline

  • Lab 1: Configure Initial Cisco ISE setup, GUI familiarization, system certificate usage
  • Lab 2: Integrate Cisco ISE with Active Directory
  • Lab 3: Configure Basic Policy on Cisco ISE
  • Lab 4: Configure Conversion to Policy Sets
  • Lab 5: Configure Access Policy for Easy Connect
  • Lab 6: Configure Guest Access
  • Lab 7: Configure Guest Access Operations
  • Lab 8: Create Guest Reports
  • Lab 9: Configure Profiling
  • Lab 10: Customize the Cisco ISE Profiling Configuration
  • Lab 11: Create Cisco ISE Profiling Reports
  • Lab 12: Configure BYOD
  • Lab 13: Blacklisting a Device
  • Lab 14: Configure Compliance Services on Cisco ISE
  • Lab 15: Configure Client Provisioning
  • Lab 16: Configure Posture Policies
  • Lab 17: Test and Monitor Compliance Based Access
  • Lab 18: Test Compliance Policy
  • Lab 19: Configure Cisco ISE for VPN Access
  • Lab 20: Configure Threat-Centric NAC using Cisco AMP
  • Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration
  • Lab 22: Configure Cisco ISE for Basic Device Administration
  • Lab 23: Configure TACACS+ Command Authorization

neXT Live 365

Demand for trained and certified technical professionals is growing. To stay competitive in a global, fast-paced job market, it’s imperative to stay up-to-date on emerging technologies and ensure your skills are relevant. neXT LIVE 365 helps you maintain your skills and gain knowledge with quick, easy access to training on the entire portfolio of products and technologies.

Click to Learn more


neXT Digital Learning

  • Digital Courseware
    • Accessible on many different devices
  • Access to next Live 365 Community
    • 24x7 access to content
  • Quarterly neXTpertise Sessions
    • Exam Preparation, Planned Routing & Switching Topics, Open Sessions - ask the neXTperts!
  • Access to extended Cisco Library
    • Recorded videos from other Cisco Technologies in the same catalog
  • Access to Discussion Boards
    • Run by YOU and monitored daily by our instructors

neXT Live 365 community

  • Continued Education
    • One full year of training instead of one week in the classroom
  • Up-To-Date Content
    • No need to wait for off-the-shelf curriculum to be updated
  • Flexibility
    • You don’t have to be out of the office for 5 days
  • Breadth of Knowledge
    • Information from an entire technology group, not just one class
  • On-Demand
    • Need an answer at 11pm? Search our Video Reference Library or post your question in our discussion board for a quick SME answer
  • Customer Driven
    • Session topics added by request
  • Timely
    • Bridge the gap between class and exam with study and exam prep sessions
Course Dates Course Times (EST) Delivery Mode GTR
12/10/2018 - 12/14/2018 9:00 AM - 5:00 PM Virtual gauranteed to run course date Enroll
1/14/2019 - 1/18/2019 9:00 AM - 5:00 PM Virtual gauranteed to run course date Enroll
2/11/2019 - 2/15/2019 9:00 AM - 5:00 PM Virtual gauranteed to run course date Enroll
3/11/2019 - 3/15/2019 9:00 AM - 5:00 PM Virtual gauranteed to run course date Enroll