Implementing and Configuring Cisco Identity Services Engine (SISE)

Objectives

After taking this course, you should be able to:

  • Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages.
  • Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services.
  • Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization.
  • Describe third-party Network Access Devices (NADs), Cisco TrustSec®, and Easy Connect.
  • Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios.
  • Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment.
  • Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution.
  • Describe the value of the My Devices portal and how to configure this portal.
  • Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE.
  • Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols.
  • Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool.

Outline

  • Introducing Cisco ISE Architecture and Deployment
    • Using Cisco ISE as a Network Access Policy Engine
    • Cisco ISE Use Cases
    • Describing Cisco ISE Functions
    • Cisco ISE Deployment Models
    • Context Visibility
  • Cisco ISE Policy Enforcement
    • Using 802.1X for Wired and Wireless Access
    • Using MAC Authentication Bypass for Wired and Wireless Access
    • Introducing Identity Management
    • Configuring Certificate Services
    • Introducing Cisco ISE Policy
    • Implementing Third-Party Network Access Device Support
    • Introducing Cisco TrustSec
    • Cisco TrustSec Configuration
    • Easy Connect
  • Web Authentication and Guest Services
    • Introducing Web Access with Cisco ISE
    • Introducing Guest Access Components
    • Configuring Guest Access Settings
    • Configuring Sponsor and Guest Portals
  • Cisco ISE Profiler
    • Introducing Cisco ISE Profiler
    • Profiling Deployment and Best Practices
  • Cisco ISE BYOD
    • Introducing the Cisco ISE BYOD Process
    • Describing BYOD Flow
    • Configuring the My Devices Portal
    • Configuring Certificates in BYOD Scenarios
  • Cisco ISE Endpoint Compliance Services
    • Introducing Endpoint Compliance Services
    • Configuring Client Posture Services and Provisioning in Cisco ISE
  • Working with Network Access Devices
    • Review TACACS+
    • Cisco ISE TACACS+ Device Administration
    • Configure TACACS+ Device Administration
    • TACACS+ Device Administration Guidelines and Best Practices
    • Migrating from Cisco ACS to Cisco ISE

Lab outline

  • Access the SISE Lab and Install ISE 2.4
  • Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage
  • Integrate Cisco ISE with Active Directory
  • Configure Basic Policy on Cisco ISE
  • Configure Policy Sets
  • Configure Access Policy for Easy Connect
  • Configure Guest Access
  • Configure Guest Access Operations
  • Create Guest Reports
  • Configure Profiling
  • Customize the Cisco ISE Profiling Configuration
  • Create Cisco ISE Profiling Reports
  • Configure BYOD
  • Blacklisting a Device
  • Configure Cisco ISE Compliance Services
  • Configure Client Provisioning
  • Configure Posture Policies
  • Test and Monitor Compliance-Based Access
  • Test Compliance Policy
  • Configure Cisco ISE for Basic Device Administration
  • Configure TACACS+ Command Authorization

Audience

  • Channel Partner / Reseller
  • Customer
  • Employee

Prerequisites

  • To fully benefit from this course, you should have the following knowledge:
    • Familiarity with the Cisco IOS® Software Command-Line Interface (CLI)
    • Familiarity with Cisco AnyConnect® Secure Mobility Client
    • Familiarity with Microsoft Windows operating systems
    • Familiarity with 802.1X

    Recommended Cisco learning offerings that may help you meet these prerequisites:

    • Cisco CCNP® Security Certification training
    • Introduction to 802.1X Operations for Cisco Security Professionals (802.1X)

 CONTACT INFO

    Course Registration: +91 80 4950 1121
    Email: sales@trainingworld360.com

OUR PRICE  Contact Us


MODE           :   LTE

LOCATION   : Bangalore

CISCO            : Security

FEATURE       : Classroom

DURATION   : 5 Days

NEXT CLASS 25 Feb 2019,
8 April 2019,
3 May 2019

Need more info ? Email sales@trainingworld360.com or Enquire now!

Enquire Now

Guarantee to Run the Classes

Expert Trainers

Official Training