Entre Technology Services, LLC.

406-265-5700

www.entremt.com

SISE: Implementing and Configuring Cisco Identity Services Engine v3.0

Upcoming Dates

Course Implementing and Configuring Cisco Identity Services Engine v3.0 (SISE)

Course Specifications

Course Length: 5 days
Rate: $3,995.00
Registration: Call 406-256-5700 or email entretraining@entremt.com to register or to request customized training or group pricing.

Overview

This course discusses the Cisco Identity Services Engine, an identity and access control policy platform that
provides a single policy plane across the entire organization, combining multiple services, including
authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest
management, into a single context-aware identity-based platform. The training provides students with the
knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as
enhance infrastructure security using the Cisco ISE.
Special Note: Course kits are available in digital format only. The digital version is designed for online use only,
not for printing.

Course Objectives

After taking this course, students will be able to:

  • Describe Cisco ISE architecture, installation, and distributed deployment options
  • Configure Network Access Devices (NADs), policy components, and basic authentication and
    authorization policies in Cisco ISE
  • Implement Cisco ISE web authentication and guest services
  • Deploy Cisco ISE profiling, posture, and client provisioning services
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • Configure device administration using TACACS+ in Cisco ISE

Audience

This course is designed for those wanting to learn the knowledge and skills to enforce security posture
compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE.

Prerequisites

It is recommended that students have the following prior to attending this course:

  • Familiarity with Cisco IOS CLI
  • Familiarity with Cisco ASA
  • Familiarity with Cisco VPN clients
  • Familiarity with MicroSoft Windows
    Operating Systems
  • Familiarity with 802.1x

Course Outline

Module 1: Introducing Cisco ISE Architecture and Deployment

  • Using Cisco ISE as a Network Access
    Policy Engine
  • Introducing Cisco ISE Deployment Models

Module 2: Cisco ISE Policy Enforcement

  • Introducing 802.1x and MAB Access:
    Wired and Wireless
  • Introducing Identity Management
  • Configuring Certificate Services
  • Introducing Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Implementing Third-Party
  • Introducing Cisco TrustSec
  • Introducing EasyConnect

Module 3: Web Authentication and Guest Services

  • Introducing Web Access with Cisco ISE
  • Introducing ISE Guest Access
    Components
  • Configuring Guest Access Settings
  • Configuring Portals: Sponsors and Guests

Module 4: Cisco ISE Profiler

  • Introducing Cisco ISE Profiler
  • Configuring Cisco ISE Profiling

Module 5: Cisco ISE BYOD 

  • Introducing the Cisco ISE BYOD Process
  • Describing BYOD Flow
  • Configuring My Devices Portal Settings
  • Configuring Certificates in BYOD
    Scenarios

Module 6: Cisco ISE Endpoint Compliance Services 

  • Introducing Endpoint Compliance
  • Configuring Client Posture Services and
    Provisioning in Cisco ISE

Module 7: Cisco ISE with AMP and VPN-Based Services

  • Introducing VPN Access Using Cisco ISE
  • Configuring Cisco AMP for ISE

Module 8: Cisco ISE Integrated Solutions with APIs 

  • Introducing Location-Based Authorization
  • Introducing Cisco ISE 2.x pxGrid

Module 9: Working with Network Access Devices 

  • Configuring TACACS+ for Cisco ISE
    Device Administration

Module 10: Cisco ISE Design 

  • Designing and Deployment Best Practices
    B. Performing Cisco ISE Installation and
    Configuration Best Practices
    C. Deploying Failover and High-Availability

Module 11: Configuring Third Party NAD Support 

  • Configuring Third-Party NAD Support

Module 10: Labs

  • Configure Initial Cisco ISE setup, GUI
    familiarization, system certificate usage
  • Integrate Cisco ISE with Active Directory
  • Configure Basic Policy on Cisco ISE
  • Configure Conversion to Policy Sets
  • Configure Access Policy for Easy Connect
  • Configure Guest Access
  • Configure Guest Access Operations
  • Create Guest Reports
  • Configure Profiling
  • Customize the Cisco ISE Profiling
    Configuration
  • Create Cisco ISE Profiling Reports
  • Configure BYOD
  • Blacklisting a Device
  • Configure Compliance Services on Cisco
    ISE
  • Configure Client Provisioning
  • Configure Posture Policies
  • Test and Monitor Compliance Based
    Access
  • Test Compliance Policy
  • Configure Cisco ISE for VPN Access
  • Configure Threat-Centric NAC using Cisco
    AMP
  • Configure Cisco ISE pxGrid and Cisco
    WSA Integration
  • Configure Cisco ISE for Basic Device
    Administration
  • Configure TACACS+ Command
    Authorization