Implementing and Configuring Cisco Identity Services Engine v2.1

This course is focused specifically on the Cisco Identity Services Engine (ISE), an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

This course is based on ISE v2.1

Målgrupp

Individuals involved in the deployment and maintence of the Cisco ISE platform.

Förkunskaper

Attendees should meet the following prerequisites:

  • CCNA Security certification ICND1 or CCNA and IINS.
  • Understand the concepts of 802.1X - 802.1x recommended.
  • Familiarity with Microsoft Windows and Active Directory.

Innehåll

Introducing Cisco ISE Architecture and Deployment

  • Using Cisco ISE as a Network Access Policy Engine
  • Introducing Cisco ISE Deployment Models

Cisco ISE Policy Enforcement

  • Introducing 802.1X and MAB Access: Wired and Wireless
  • Introducing Identity Management
  • Configuring Certificate Services
  • Introducing Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Implementing Third-Party Network Access Device Support
  • Introducing Cisco TrustSec
  • Introducing EasyConnect

Web Authentication and Guest Services

  • Introducing Web Access with Cisco ISE
  • Introducing ISE Guest Access Components
  • Configuring Guest Access Services
  • Configuring Portals: Sponsors and Guests

Cisco ISE Profiler

  • Introducing Cisco ISE Profiler
  • Configuring Cisco ISE Profiling

Cisco ISE BYOD

  • Introducing the Cisco ISE BYOD Process
  • Describing BYOD Flow
  • Configuring My Devices Portal Settings
  • Configuring Certificates in BYOD Scenarios

Cisco ISE Endpoint Compliance Services

  • Introducing Endpoint Compliance
  • Configuring Client Posture Services and Provisioning in Cisco ISE

Cisco ISE with AMP and VPN-Based Services

  • Introducing VPN Access Using Cisco ISE
  • Configuring Cisco AMP for ISE 

Cisco ISE Integrated Solutions with API's

  • Introducing Location-Based Authorization
  • Introducing Cisco ISE2.x pxgrid

Working with Network Access Devices

  • Configuring TACACS+ for Cisco ISE Device Administration

Cisco ISE Design (Self-Study)

  • Designing and Deployment Best Practices
  • Performing Cisco ISE Installation and Configuration Best Practices
  • Deploying Failover and High Availability

Configuring Third Party NAD Support (Optional/Self-Study/Reference)

  • Configuring Third-Party NAD Support

Labs

  • Lab 1: Configure Initial Cisco ISE setup, GUI Familiarization, system certificate usage
  • Lab 2: Integrate Cisco ISE with Active Directory
  • Lab 3: Configure Basic Policy on Cisco ISE
  • Lab 4: Configure Conversion to Policy Sets
  • Lab 5: Configure Access Policy for Easy Connect
  • Lab 6: Configure Guest Access
  • Lab 7: Configure Guest Access Operations
  • Lab 8: Create Guest Reports
  • Lab 9: Configure Profiling
  • Lab 10: Customize the Cisco ISE Profiling Configuration
  • Lab 11: Create Cisco ISE Profiling Reports
  • Lab 12: Configure BYOD
  • Lab 13: Blacklisting a Device
  • Lab 14: Configure Compliance Services on Cisco ISE
  • Lab 15: Configure Client Provisioning
  • Lab 16: Configure Posture Policies
  • Lab 17: Test and Monitor Compliance Based Access
  • Lab 18: Test Compliance Policy
  • Lab 19: Configure Cisco ISE for VPN Access
  • Lab 20: Configure Threat-Centric NAC using Cisco AMP
  • Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration
  • Lab 22: Configure Cisco ISE for Basic Device Administration
  • Lab 23: Configure TACACS+ Command Authorization

Målsättning

After completing this course you should be able to:

  • Describe Cisco ISE architecture, installation, and distributed deployment options
  • Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE
  • Implement Cisco ISE web authentication and guest services
  • Deploy Cisco ISE profiling, posture and client provisioning services
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • Configure device administration using TACACS+ in Cisco ISE

Boka kursen

Boka din plats redan idag.

Om kursen

Pris: 30 000,00 kr

exklusive moms

Längd 5 dagar
Kurskod SISE
Boka kursen

Välj ort och kursstart

sg Startgaranti innebär att kursen startar oavsett antal deltagare

27 mars

8 maj

Kunduppgifter

Kursanmälan är bindande. För mer information och avbokningsregler se våra allmänna villkor.