Network Training - Course Details

ICCISE(SISEv11) Implementing and Configuring Cisco Identity Services Engine (SISE v1.1)

Network Training Course Description:
Implementing and Configuring Cisco Identity Services Engine (SISE v1.1) is a 5-day course based on Cisco Identity Services Engine (ISE) version 1.1.1, a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE. In addition to the normal content covered in the SISE v1.1 course, there are several added enhancements such as: Additional lecture material covering the Single & Dual Wireless SSID BYOD (Bring Your Own Device) configuration has been added to the course. Enhanced 'Real World' BYOD lab exercises using Mobile Devices (Apple iPads) has also been added. In addition to the BYOD enhancements, 'Real World' lab exercises covering MAB, 802.1x-Wired, 802.1 x-Wireless, Web Authentication, Posture Assessment, & Profiling are also included.
Network Training Course Duration:
5 DAYS
Network Training Course Target Audience:
Employee,Channel Partner or Reseller,Customer
Network Training Course Prerequisite:
CCNA Security certification,Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications,Foundation-level wireless knowledge and skills,Basic knowledge of Cisco IOS networking and concepts
Course Content:

  • Cisco ISE Product Overview

    • Overview of Cisco TrustSec
    • Overview of Cisco ISE
    • Cisco ISE Architecture
    • Cisco ISE Deployment Options
    • Installing Cisco ISE
    • Network Time Protocol
    • Cisco ISE Certificates
    • Monitoring Basics
    • Configuring and Verifying Cisco ISE for Distributed Deployment

  • Cisco ISE Authentication and Authorization

    • NAD Overview
    • IEEE 802.1X Primer
    • Cisco Switch Configuration
    • Cisco WLC Configuration
    • Cisco ASA Appliance Configuration
    • Cisco ISE Authentication Process
    • Internal Databases
    • Simple Authentication
    • Rule-Based Authentication
    • Sessions in Cisco ISE
    • External Authentication Process
    • Active Directory
    • Lightweight Directory Access Protocol
    • RADIUS
    • Certificates
    • Identity Source Sequencing
    • Authentication Support and Performance
    • Using Cisco ISE Dictionaries
    • Overview of Cisco ISE Dictionaries
    • Read-Only Dictionaries
    • Administrable Dictionaries
    • RADIUS Vendor Dictionaries
    • Authorization Policies and Components
    • Authorization Policy Configuration
    • Exception Policies

  • Web Authentication and User Access Management

    • Web Authentication Overview
    • Configure Cisco ISE Web Authentication
    • Verifying Web Authentication
    • Guest Services Overview
    • Preparing the Deployment
    • Configuring Sponsor Portal
    • Configuring Guest Portal
    • Creating Guest Accounts
    • Verifying Guest Accounts

  • Cisco ISE Profiler, Posture, and Endpoint Protection Services

    • Profiler Service Overview
    • Configuring Profiling on Cisco ISE
    • Verifying Profiling
    • Posture Service Overview
    • Configuring Cisco ISE for Client Provisioning
    • Adapting the Authorization Policy for Posture Compliance
    • Configuring the Posture System Settings
    • Configuring the Posture Policy
    • Verifying the Posture Service
    • EPS Overview
    • Configuring EPS
    • Monitoring EPS
    • BYOD Overview
    • Designing BYOD
    • Dual SSID BYOD Design
    • Device Onboarding User Experience
    • Single SSID BYOD Configuration-Enhanced
    • Dual SSID BYOD Configuration-Enhanced

  • Reports, Monitoring, Troubleshooting, and Security

    • Inline Posture
    • Security Group Access
    • MAC Security
    • Cisco ISE Deployment Types
    • Deploying Monitoring Personas
    • Preparing the Network Infrastructure
    • Role-Based Access Control
    • Cisco ISE Licensing
    • Backing Up and Restoring the System Configuration
    • Cisco ISE Dashboard Monitoring
    • Implementing Logging
    • Managing Alarms
    • Cisco ISE Reports
    • Troubleshooting the Network
    • Backing Up and Restoring the Monitoring Database

  • Lab Outline

    • Lab 1-1: Installing the Cisco ISE
    • Lab 1-2: Certificate Operations
    • Lab 1-3: Cisco ISE Node Deployment
    • Lab 1-4: GUI Orientation (Optional)
    • Lab 2-1: Configure and Add Network Access Devices to Cisco ISE
    • Lab 2-2: Configure External Identity Sources
    • Lab 2-3: Examine Cisco ISE Dictionaries
    • Lab 2-4: Basic Cisco ISE Policies
    • Lab 2-5: Configuring Multiple Cisco ISE Policies
    • Lab 3-1: Configuring Cisco ISE Guest Services
    • Lab 3-2: Guest Services Self-Registration
    • Lab 4-1: Configuring Cisco ISE for Profiling
    • Lab 4-2: Configuring Cisco ISE for Posture Assessment
    • Lab 4-3: Endpoint Protections Services
    • Lab 4-4: Configure Cisco ISE for Single SSID Wireless BYOD configuration
    • Lab 4-5: Configure Cisco ISE for Dual SSID Wireless BYOD configuration
    • Lab 5-1: Logging Setup
    • Lab 5-2: Cisco ISE Reporting
    • Lab 5-3: Working with Cisco ISE Monitoring and Troubleshooting
    • Lab 5-4: Patching Cisco ISE
    • Lab 5-5: Admin Access (Optional)