Network Training - Course Details

ISE-ICISESSv10 ISE - Implementing Cisco Identity Services Engine Secure Solutions v1.0

Network Training Course Description:
This course is specifically designed for ATP certification, for end user product training please see SISE 1.1. In this course, you will learn how to install, configure, and implement Cisco Identity Services Engine (ISE), a new flagship security product. This course is designed for Cisco's Authorized Technology Provider (ATP) Program, part of the Cisco Channel Partner Program, and is required to fulfill the ATP requirement for ISE certification.
Network Training Course Duration:
5 DAYS
Network Training Course Target Audience:
Cisco channel partners and field engineers,End users desiring the knowledge to install, configure, and deploy Cisco ISE (Note: This course is designed for the ATP certification program for Cisco channel partners. Although end users will benefit from the course, there will be ATP related information reflected in the course such as licensing and licensing costs.)
Network Training Course Prerequisite:
CCNA - Cisco Certified Network Associate or equivalent experience with configuring Cisco routers and switches
Course Content:

  • 1. TrustSec 2.0 Solution and ISE Platform Architecture

    • Cisco Borderless Network Architecture
    • Cisco ISE
    • Cisco ISE Software Architecture

  • 2. Cisco Identity Services Engine Deployment

    • Installing the Cisco ISE Software
      • Cisco ISE Software GUI
      • Installing the Cisco ISE Software on a Server
      • Installing the Cisco ISE Software on an ISE Appliance
      • Installing the Cisco ISE Software on a Virtual Machine
      • Configuring Post-Install Tasks
    • Integrating Cisco ISE into Microsoft Active Directory
      • Microsoft Active Directory
      • Configuring Cisco ISE for Active Directory Integration
      • Verifying Proper Cisco ISE Operation with Active Directory
    • Configuring Cisco ISE for High Availability
      • ConfiguringSupported High-Availability Deployment Options
      • Configuring High Availability

  • 3. Classification and Policy Enforcement

    • Using Cisco ISE for Policy Enforcement
      • Policy Enforcement on Cisco ISE
      • Configuring Cisco ISE for Policy Enforcement
      • Verifying Policy Enforcement for Cisco ISE
    • Configuring Cisco ISE for MAB
      • MAC Authentication Bypass
      • Creating Network Infrastructure Configuration for MAB
      • Configuring Cisco ISE for MAB
      • Configuring Cisco ISE for Whitelists
      • Verifying MAB Operation on Cisco ISE
    • Configuring Cisco ISE for Wired and Wireless 802.1X Authentication
      • 802.1X Authentication
      • Configuring a Windows Client for 802.1X Authentication
      • Configuring Cisco ISE for Wired 802.1X Authentication
      • Configuring Cisco ISE for Wireless 802.1X Authentication
      • Verifying 802.1X Authentication
    • Deploying VPN-Based Services Using the Cisco ASA and Inline Posture
      • Inline Posture
      • Configuring Inline Posture for Router Mode
      • Configuring Inline Posture for High Availability
      • Configuring Inline Posture for Authorization Profiles and Policies
      • Verifying Inline Posture Operation
    • Configuring Web Authentication Using Cisco ISE
      • Configuring Web Authentication Using Cisco ISE
      • Verifying Web Authentication

  • 4. Guest, Profiler, and Posture Service Configuration

    • Cisco ISE Guest Service
      • Sponsor Access Policies
      • Configuring Guest Settings
    • Cisco ISE Profiler Service
      • Configuring Profiling on Cisco ISE
      • Verifying Profiling on Cisco ISE
    • Cisco ISE Posture Service
      • Configuring Cisco ISE for Client Provisioning
      • Configuring an Authorization Policy for Client Provisioning and PostureCompliance
      • Configuring the Posture Subscription and Policy
      • Verifying the Posture Service

  • 5. Designing the Cisco TrustSec 2.0 Architecture Design for the ISE Appliance

    • Designing the Cisco TrustSec 2.0 Solution Architecture for the ISEAppliance
      • High-Level Design (HLD) Guidance
      • HLD Case Studies: Small and Midsized Corporations
      • Low-Level Design (LLD) Guidance
      • LLD Case Study: New York State Hospital

  • Appendix A: Selecting Cisco TrustSec 2.0 Infrastructure Hardware and the ISEAppliance

    • Cisco TrustSec 2.0 Switching Infrastructure Hardware
    • Cisco TrustSec 2.0 WLC Hardware
    • Cisco TrustSec 2.0 ISE Hardware

  • Appendix B: Cisco TrustSec Fundamentals

    • Key Cisco TrustSec Functions
    • Security Group Access Solution

  • Lab 1: Install ISE and Familiarize Yourself with Web Console

  • Lab 2: Install a Certificate in ISE

  • Lab 3: Configure AAA Clients

  • Lab 4: Local and Remote Identity Stores Using Active Directory and Sequence Lists

  • Lab 5: Configure 802.1X for Wired Networks

  • Lab 6: Configure 802.1X for Wireless Networks

  • Lab 7: Configure MAB

  • Lab 8: Create CWA for Wired and Wireless Networks and Device Registration

  • Lab 9: Provide Guest Access Using ISE

  • Lab 10: Configure the Profiler Service in ISE

  • Lab 11: Configure Posture with ISE

  • Lab 12: Low-Level Design Case Study

  • Lab 7: Configure Web Authentication and Policy Enforcement

  • Lab 8: Create Guest Users and Guest User Policies in the Sponsor Portal

  • Lab 9: Configure Profiling on the ISE

  • Lab 10: Configure the ISE for Posture Services

  • Lab 11: Create a Low-Level Design for the ISE (Case Study)