Implementing and Configuring the CiscoIdentity Services Engine

Information

Length: 5 Days

Course code: CIS_SISE

Price £2,175

Session dates

On request. Please contact us.

This training is also available asonsite training.Please contact us on0870 251 1000 or emailtraining@arrowecs.co.ukfor more information.

Programme

The Implementing and Configuring the Cisco Identity Services Engine courseprovides security and system engineers and administrators an intensive hands-onexperience in setting up, deploying and managing the Cisco Identity Services Engine(ISE) to support authentication, authorization, accounting and policy-basednetworking for devices and users. Students will walk through a complete install,configure the network and devices, and use ISE as a policy engine to protect thenetwork. Hands-on labs include:

    Installing the Cisco ISE

    Certificate Operations

    Cisco ISE Node Deployment

    Configure and Add Network Access Devices to Cisco ISE

    Implementing ISE to support BYOD

    Configuring Multiple Cisco ISE Policies

    Configuring Cisco ISE Guest Services

    Guest Services Self-Registration

    Configuring Cisco ISE for Profiling

    Configuring Cisco ISE for Posture Assessment

    Cisco ISE Reporting

    Working with Cisco ISE Monitoring and Troubleshooting

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

Describe Cisco ISE architecture, installation, and distributed deployment options.

Configure Network Access Devices, Policy Components and BasicAuthentication and Authorization Policies in Cisco ISE.

1/7

Implement Cisco ISE web authentication and guest services.

Deploy Cisco ISE profiling and posture service.  

Describe administration, monitoring, troubleshooting, and TrustSec SGAsecurity.

Participants

The primary audience for this course is as follows:

Cisco Channel Partner SEs and FEs that are seeking to meet the educationrequirements to attain ATP authorization to sell Cisco ISE.

Field engineers, network administrators, and consulting systems engineers whoimplement and maintain the Cisco ISE in enterprise networks.

Security architects, design engineers, network designers and others seekinghands-on experience with the Cisco ISE.

The secondary audience for this course is as follows:

Security  architects,  design  engineers,  and  others  seeking

hands-on experience with Cisco ISE.

Prerequisites

 The knowledge that a learner should have before attending this

course is as follows:

CCNA or equivalent level of experience with Cisco infrastructures. The Course Interconnecting Cisco  Network Devices Part 2 Version 2.0 (ICND2) provides theprerequisite knowledge

CCNA Security or equivalent level of experience with Cisco infrastructures. Thecourse  Implementing Cisco  IOS Network Security (IINS) provides theprerequisite knowledge

Familiarity with Microsoft Windows and Microsoft Active Directory

Familiarity with 802.1X. The course  Introduction to  802.1X Operations for CiscoSecurity Professionals  (802.1X) provides the prerequisite knowledge

Programme

Module 1: Cisco ISE Product Overview 

2/7

Lesson 1: Introducing the Cisco ISE

Overview of Cisco TrustSec

Overview of Cisco ISE

Cisco ISE Architecture

Cisco ISE Deployment Options

Lesson 2: Getting Started with Cisco ISE

Installing Cisco ISE

Network Time Protocol

Cisco ISE Certificates

Monitoring Basics

Configuring and Verifying Cisco ISE Distributed

Deployment

Lab 1-1: Installing the Cisco ISE

Lab 1-2: Certificate Operations

Lab 1-3: Cisco ISE Node Deployment

Module 2: Cisco ISE Authentication and Authorization

Lesson 1: Configuring Basic Access

NAD Overview

IEEE 802.1X Primer

Cisco Switch Configuration

Cisco WLC Configuration

Cisco ASA Appliance Configuration

Cisco ISE Authentication Process

Internal Databases

Simple Authentication

Rule-Based Authentication

Sessions in Cisco ISE

Lesson 2: Understanding External Authentication

3/7

External Authentication Process

Active Directory

Active Directory

Lightweight Directory Access Protocol

RADIUS

Certificates

Identity Source Sequencing

Authentication Support and Performance

Lab 2-1: Configure and Add Network Access Devices

to Cisco ISE

Lab 2-2: Configure External Identity Sources

Lesson 3: Using Cisco ISE Dictionaries

Overview of Cisco ISE Dictionaries

Read-Only Dictionaries

Administrable Dictionaries

Lab 2-3: Examine Cisco ISE Dictionaries

Lesson 4: Configuring Authorization

Authorization Policies and Components

Authorization Policy Configuration

Exception Policies

Lab 2-4: Basic Cisco ISE Policies

Lab 2-5: Configuring Multiple Cisco ISE Policies

Module 3: Web Authentication and User Access Management

Lesson 1: Implementing Web Authentication

Web Authentication Overview

Configuring ISE Web Authentication

4/7

Verifying Web Authentication

Lesson 2: Implementing Guest Services

Guest Service Overview

Preparing the Deployment

Configuring Sponsor Portal

Configuring Guest Portal

Creating Guest Accounts

Verifying Guest Accounts

Lab 3-1: Configuring Cisco ISE Guest Services

Lab 3-2: Guest Services Self-Registration

Module 4: Cisco ISE Profiler, Posture, and Endpoint Protection Services

Lesson 1: Implementing Cisco ISE Profiler Service

Profiler Service Overview

Configuring Profiling on Cisco ISE

Verifying Profiling

Lab 4-1: Configuring Cisco ISE for Profiling

Lesson 2: Implementing Cisco ISE Posture Service

Posture Service Overview

Configuring Cisco ISE for Client Provisioning

Adapting the Authorization Policy for Posture Compliance

Configuring the Posture System Settings

Configuring the Posture Policy

Verifying the Posture Service

Lab 4-2: Configuring Cisco ISE for Posture Assessment

Lesson 3: Implementing Cisco ISE Endpoint Protection

5/7

Services

EPS Overview

Configuring EPS

Monitoring EPS

Lab 4-3: Endpoint Protections Services

Lesson 4: Implementing BYOD

BYOD Overview

Designing BYOD

Dual SSID BYOD Design

Device Onboarding User Experience

Lab 4-4: BYOD

Module 5: Reports, Monitoring, Troubleshooting, and Security

Lesson  1:  Implementing  Inline  Posture  and  TrustSec

Security

Inline Posture

Security Group Access

MAC Security

Lesson 2: Describing the Cisco ISE Architecture

Cisco ISE Deployment Types

Deploying Monitoring Personas

Preparing the Network Infrastructure

Lesson  3:  Performing  Cisco  ISE  Administration  and

Maintenance

Role-Based Access Control

Cisco ISE Licensing

Backing Up and Restoring the System Configuration

6/7

Lesson 4: Using Cisco ISE Reporting, Monitoring, and

Troubleshooting

Cisco ISE Dashboard Monitoring

Implementing Logging

Managing Alarms

Cisco ISE Reports

Troubleshooting the Network

Backing Up and Restoring the Monitoring Database

Lab 5-1: Logging Setup

Lab 5-2: Cisco ISE Reporting

Lab 5-3: Working with Cisco ISE Monitoring and

Troubleshooting

Lab 5-4: Patching Cisco ISE

Lab A-1: GUI Orientation

Lab A-2: Admin Access

Contact us at:

Telephone: 0870 251 1000Email: educationteam@arrowecs.co.uk, mscott@arrow.comAddress: Arrow ECS, Nidderdale House, Beckwith Knowle, Harrogate, HG3 1SATelephone: 0870 251 1000Fax: 01423 502 373

Powered by TCPDF (www.tcpdf.org)

7/7