Course Overview

This course discusses the Cisco Identity Services Engine (ISE), an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

 

CLASS INFORMATION
Price: 
$3,995
Duration: 
5 days
Version: 
3.0
Learning Credits: 
40
  • Upon completion of this course, you will be able to:

    • Describe Cisco ISE architecture, installation, and distributed deployment options
    • Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in
    • Cisco ISE – Implement Cisco ISE web authentication and guest services
    • Deploy Cisco ISE profiling, posture and client provisioning services
    • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
    • Configure device administration using TACACS+ in Cisco ISE
  • Module 1: Introducing Cisco ISE Architecture and Deployment

    • Lesson 1: Using Cisco ISE as a Network Access Policy Engine
    • Lesson 2: Introducing Cisco ISE Deployment Models

    Module 2: Cisco ISE Policy Enforcement

    • Lesson 1: Introducing 802.1X and MAB Access: Wired and Wireless
    • Lesson 2: Introducing Identity Management
    • Lesson 3: Configuring Certificate Services
    • Lesson 4: Introducing Cisco ISE Policy
    • Lesson 5: Configuring Cisco ISE Policy Sets
    • Lesson 6: Implementing Third-Party Network Access Device Support
    • Lesson 7: Introducing Cisco TrustSec
    • Lesson 8: Introducing EasyConnect

    Module 3: Web Auth and Guest Services

    • Lesson 1: Introducing Web Access with Cisco ISE
    • Lesson 2: Introducing ISE Guest Access Components
    • Lesson 3: Configuring Guest Access Settings
    • Lesson 4: Configuring Portals: Sponsors and Guests

    Module 4: Cisco ISE Profiler

    • Lesson 1: Introducing Cisco ISE Profiler
    • Lesson 2: Configuring Cisco ISE Profiling

    Module 5: Cisco ISE BYOD

    • Lesson 1: Introducing the Cisco ISE BYOD Process
    • Lesson 2: Describing BYOD Flow
    • Lesson 3: Configuring My Devices Portal Settings
    • Lesson 4: Configuring Certificates in BYOD Scenarios

    Module 6: Cisco ISE Endpoint Compliance Services

    • Lesson 1: Introducing Endpoint Compliance
    • Lesson 2: Configuring Client Posture Services and Provisioning in Cisco ISE

    Module 7: Cisco ISE with AMP and VPN-Based Services

    • Lesson 1: Introducing VPN Access Using Cisco ISE
    • Lesson 2: Configuring Cisco AMP for ISE

    Module 8: Cisco ISE Integrated Solutions with APIs

    • Lesson 1: Introducing Location-Based Authorization
    • Lesson 2: Introducing Cisco ISE 2.x pxGrid

    Module 9: Working with Network Access Devices

    • Lesson 1: Configuring TACACS+ for Cisco ISE Device Administration

    Module 10: Cisco ISE Design (Self-Study)

    • Lesson 1: Designing and Deployment Best Practices
    • Lesson 2: Performing Cisco ISE Installation and Configuration BestPractices
    • Lesson 3: Deploying Failover and High-Availability

    Module 11: Configuring Third Party NAD Support(Optional/Self-Study/Reference)

    • Lesson 1: Configuring Third-Party NAD Support (Optional, Self-Study, or Reference)
    • Lab 1: Configure Initial Cisco ISE setup, GUI Familiarization, system certificate usage
    • Lab 2: Integrate Cisco ISE with Active Directory
    • Lab 3: Configure Basic Policy on Cisco ISE
    • Lab 4: Configure Conversion to Policy Sets
    • Lab 5: Configure Access Policy for Easy Connect
    • Lab 6: Configure Guest Access
    • Lab 7: Configure Guest Access Operations
    • Lab 8: Create Guest Reports
    • Lab 9: Configure Profiling
    • Lab 10: Customize the Cisco ISE Profiling Configuration
    • Lab 11: Create Cisco ISE Profiling Reports
    • Lab 12: Configure BYOD
    • Lab 13: Blacklisting a Device
    • Lab 14: Configure Compliance Services on Cisco ISE
    • Lab 15: Configure Client Provisioning
    • Lab 16: Configure Posture Policies
    • Lab 17: Test and Monitor Compliance Based Access
    • Lab 18: Test Compliance Policy
    • Lab 19: Configure Cisco ISE for VPN Access
    • Lab 20: Configure Threat-Centric NAC using Cisco AMP
    • Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration
    • Lab 22: Configure Cisco ISE for Basic Device Administration
    • Lab 23: Configure TACACS+ Command Authorization
  • It is recommended that a learning have the following knowledge and skills before attending this course:

    • CCNA Security certification
    • Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications
    • Foundation-level wireless knowledge and skills
    • Basic knowledge of Cisco IOS networking and concepts
    • Familiarity with Cisco IOS CLI
    • Familiarity with Cisco ASA
    • Familiarity with Cisco VPN clients
    • Familiarity with MicroSoft Windows Operating Systems
    • Familiarity with 802.1X
    • ISE Administrators/Engineers
    • Wireless Administrators/Engineers
    • Consulting Systems Engineers
    • Technical/Wireless/BYOD/Security Solutions Architects
    • ATP partner systems and field engineers
    • Systems integrators who install and implement the Cisco Identity Service Engine version 1.3