Cisco : Implementing and Configuring Cisco Identity Services Engine

13 September 2018 @ 8:00 am - 17 September 2018 @ 3:30 pm

Velisa Africa is the official Global Knowledge partner in Sub-Saharan Africa. Course details : http://www.globalknowledge.ae/courses/cisco/security/sise.html

This course is designed to provide the knowlegde and skills required to install and implement a Cisco Identity Services Engine (ISE) v1.3 deployment. The Cisco Identity Services Engine is a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. This course covers the key components and procedures needed to install, configure, manage and troubleshoot the Cisco Identity Services Engine.

Pre-Requisites

Attendees should meet the following prerequisites:

  • Knowledge of Wireless LAN controllers and Lightweight Access Points. IUWNE recommended.
  • Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications – ICND1 recommended.
  • CCNA Security certification ICND1 or CCNA and IINS.
  • Understand the concepts of 802.1X – 802.1x recommended.
  • Familiarity with Microsoft Windows and Active Directory.

Introducing the Cisco Secure Access Solution and ISE Platform Architecture

  • The Cisco Secure Access Solution
  • Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Policy Security Mechanisms
  • Cisco TrustSec
  • Installing Cisco ISE
  • Cisco ISE GUI Orientation

Cisco ISE Policy Enforcement

  • 802.1X and MAB Wired and Wireless
  • Identity Management
  • Cisco ISE Policy Overview
  • Cisco ISE Policy Sets

Web Authentication

  • Web Access with Cisco ISE
  • WebAuth Configuration

Cisco ISE Guest Services

  • Cisco ISE Guest Access Components
  • Guest Access Settings
  • Sponsors and Sponsor Portals
  • Cisco ISE Guest Portal Overview
  • Cisco ISE Guest Operations and Reports

Cisco ISE Profiler

  • Introduction to Profiling
  • Profiling Configuration on Cisco ISE

Cisco ISE BYOD and MDM

  • Cisco ISE BYOD Process Overview
  • BYOD Portal Selection
  • My Devices Portal Settings
  • Certificates in BYOD Scenarios
  • Describe MDM and ISE

Cisco ISE Endpoint Compliance Services

  • Endpoint Compliance – Posture Service Overview
  • Client Provisioning in Cisco ISE
  • Mobile Client Provisioning in Cisco ISE
  • Configuring Cisco ISE for Posture Compliance

Using Cisco ISE for VPN-Based Services

  • VPN Access Overview
  • Configuring Cisco ASA v9.2+ for VPN Access
  • Using Inline Posture Node for NADs without CoA Support

Cisco TrustSec

  • Cisco TrustSec

Cisco ISE Design

  • Node Capabilities
  • Failover and High Availability

Cisco ISE Best Practices

  • Best Practices

Labs

  • Lab 1-1: Initial Configuration of Cisco ISE
  • Lab 2-1: Integrate Cisco ISE with Active Directory
  • Lab 2-2: Integrating Cisco ISE with a second Microsoft Active Directory
  • Lab 2-3: Basic Policy Configuration
  • Lab 2-4: Conversion to Policy Sets
  • Lab 4-1: Configure Guest Access
  • Lab 4-2: Guest Access Operations
  • Lab 4-3: Guest Reports
  • Lab 5-1: Configuring Profiling
  • Lab 5-2: Customizing the Cisco ISE Profiling Configuration
  • Lab 5-3: ISE Profiling Reports
  • Lab 6-1: BYOD Configuration
  • Lab 6-2: Device Blacklisting
  • Lab 7-1: Compliance
  • Lab 7-2: Configuring Client Provisioning
  • Lab 7-3: Configuring Posture Policies
  • Lab 7-4: Testing and Monitoring Compliance Based Access
  • Lab 7-5: Compliance Policy Testing
  • Lab 7-6: MDM Integration with Cisco ISE
  • Lab 7-7: MDM Access and Configuration
  • Lab 7-8: Client Access with MDM
  • Lab 8-1: Using Cisco ISE for VPN Access

After completing this course you should be able to:

  • Understand the concepts of Policy Enforcement in a Cisco network
  • Understand the concepts of designing an implementation along with Cisco recognized best practices
  • Install ISE v1.3
  • Configure Cisco ISE v 1.3 for Guest Access, BYOD and MDM and Cisco ISE Compliance and Posture

Individuals involved in the deployment and maintenance of the Cisco ISE platform.

Recommended preparation for exam (s):

  • This course is currently not aligned to any exam.

For more information please contact us:

Enquiries in Johannesburg and Cape Town : pauli@velisaafrica.co.za

International Enquiries : hema.chugh@globalknowledge.ae

BACK TO COURSES

Share this on social media

FacebookTwitterRedditLinkedInEmail