Upload
globaltech-ltda
View
108
Download
0
Embed Size (px)
Citation preview
Implementing and Configuring the CiscoIdentity Services Engine
Information
Length: 5 Days
Course code: CIS_SISE
Price £2,175
Session dates
On request. Please contact us.
This training is also available asonsite training.Please contact us on0870 251 1000 or [email protected] more information.
Programme
The Implementing and Configuring the Cisco Identity Services Engine courseprovides security and system engineers and administrators an intensive hands-onexperience in setting up, deploying and managing the Cisco Identity Services Engine(ISE) to support authentication, authorization, accounting and policy-basednetworking for devices and users. Students will walk through a complete install,configure the network and devices, and use ISE as a policy engine to protect thenetwork. Hands-on labs include:
Installing the Cisco ISE
Certificate Operations
Cisco ISE Node Deployment
Configure and Add Network Access Devices to Cisco ISE
Implementing ISE to support BYOD
Configuring Multiple Cisco ISE Policies
Configuring Cisco ISE Guest Services
Guest Services Self-Registration
Configuring Cisco ISE for Profiling
Configuring Cisco ISE for Posture Assessment
Cisco ISE Reporting
Working with Cisco ISE Monitoring and Troubleshooting
Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
Describe Cisco ISE architecture, installation, and distributed deployment options.
Configure Network Access Devices, Policy Components and BasicAuthentication and Authorization Policies in Cisco ISE.
1/7
Implement Cisco ISE web authentication and guest services.
Deploy Cisco ISE profiling and posture service.
Describe administration, monitoring, troubleshooting, and TrustSec SGAsecurity.
Participants
The primary audience for this course is as follows:
Cisco Channel Partner SEs and FEs that are seeking to meet the educationrequirements to attain ATP authorization to sell Cisco ISE.
Field engineers, network administrators, and consulting systems engineers whoimplement and maintain the Cisco ISE in enterprise networks.
Security architects, design engineers, network designers and others seekinghands-on experience with the Cisco ISE.
The secondary audience for this course is as follows:
Security architects, design engineers, and others seeking
hands-on experience with Cisco ISE.
Prerequisites
The knowledge that a learner should have before attending this
course is as follows:
CCNA or equivalent level of experience with Cisco infrastructures. The Course Interconnecting Cisco Network Devices Part 2 Version 2.0 (ICND2) provides theprerequisite knowledge
CCNA Security or equivalent level of experience with Cisco infrastructures. Thecourse Implementing Cisco IOS Network Security (IINS) provides theprerequisite knowledge
Familiarity with Microsoft Windows and Microsoft Active Directory
Familiarity with 802.1X. The course Introduction to 802.1X Operations for CiscoSecurity Professionals (802.1X) provides the prerequisite knowledge
Programme
Module 1: Cisco ISE Product Overview
2/7
Lesson 1: Introducing the Cisco ISE
Overview of Cisco TrustSec
Overview of Cisco ISE
Cisco ISE Architecture
Cisco ISE Deployment Options
Lesson 2: Getting Started with Cisco ISE
Installing Cisco ISE
Network Time Protocol
Cisco ISE Certificates
Monitoring Basics
Configuring and Verifying Cisco ISE Distributed
Deployment
Lab 1-1: Installing the Cisco ISE
Lab 1-2: Certificate Operations
Lab 1-3: Cisco ISE Node Deployment
Module 2: Cisco ISE Authentication and Authorization
Lesson 1: Configuring Basic Access
NAD Overview
IEEE 802.1X Primer
Cisco Switch Configuration
Cisco WLC Configuration
Cisco ASA Appliance Configuration
Cisco ISE Authentication Process
Internal Databases
Simple Authentication
Rule-Based Authentication
Sessions in Cisco ISE
Lesson 2: Understanding External Authentication
3/7
External Authentication Process
Active Directory
Active Directory
Lightweight Directory Access Protocol
RADIUS
Certificates
Identity Source Sequencing
Authentication Support and Performance
Lab 2-1: Configure and Add Network Access Devices
to Cisco ISE
Lab 2-2: Configure External Identity Sources
Lesson 3: Using Cisco ISE Dictionaries
Overview of Cisco ISE Dictionaries
Read-Only Dictionaries
Administrable Dictionaries
Lab 2-3: Examine Cisco ISE Dictionaries
Lesson 4: Configuring Authorization
Authorization Policies and Components
Authorization Policy Configuration
Exception Policies
Lab 2-4: Basic Cisco ISE Policies
Lab 2-5: Configuring Multiple Cisco ISE Policies
Module 3: Web Authentication and User Access Management
Lesson 1: Implementing Web Authentication
Web Authentication Overview
Configuring ISE Web Authentication
4/7
Verifying Web Authentication
Lesson 2: Implementing Guest Services
Guest Service Overview
Preparing the Deployment
Configuring Sponsor Portal
Configuring Guest Portal
Creating Guest Accounts
Verifying Guest Accounts
Lab 3-1: Configuring Cisco ISE Guest Services
Lab 3-2: Guest Services Self-Registration
Module 4: Cisco ISE Profiler, Posture, and Endpoint Protection Services
Lesson 1: Implementing Cisco ISE Profiler Service
Profiler Service Overview
Configuring Profiling on Cisco ISE
Verifying Profiling
Lab 4-1: Configuring Cisco ISE for Profiling
Lesson 2: Implementing Cisco ISE Posture Service
Posture Service Overview
Configuring Cisco ISE for Client Provisioning
Adapting the Authorization Policy for Posture Compliance
Configuring the Posture System Settings
Configuring the Posture Policy
Verifying the Posture Service
Lab 4-2: Configuring Cisco ISE for Posture Assessment
Lesson 3: Implementing Cisco ISE Endpoint Protection
5/7
Services
EPS Overview
Configuring EPS
Monitoring EPS
Lab 4-3: Endpoint Protections Services
Lesson 4: Implementing BYOD
BYOD Overview
Designing BYOD
Dual SSID BYOD Design
Device Onboarding User Experience
Lab 4-4: BYOD
Module 5: Reports, Monitoring, Troubleshooting, and Security
Lesson 1: Implementing Inline Posture and TrustSec
Security
Inline Posture
Security Group Access
MAC Security
Lesson 2: Describing the Cisco ISE Architecture
Cisco ISE Deployment Types
Deploying Monitoring Personas
Preparing the Network Infrastructure
Lesson 3: Performing Cisco ISE Administration and
Maintenance
Role-Based Access Control
Cisco ISE Licensing
Backing Up and Restoring the System Configuration
6/7
Lesson 4: Using Cisco ISE Reporting, Monitoring, and
Troubleshooting
Cisco ISE Dashboard Monitoring
Implementing Logging
Managing Alarms
Cisco ISE Reports
Troubleshooting the Network
Backing Up and Restoring the Monitoring Database
Lab 5-1: Logging Setup
Lab 5-2: Cisco ISE Reporting
Lab 5-3: Working with Cisco ISE Monitoring and
Troubleshooting
Lab 5-4: Patching Cisco ISE
Lab A-1: GUI Orientation
Lab A-2: Admin Access
Contact us at:
Telephone: 0870 251 1000Email: [email protected], [email protected]: Arrow ECS, Nidderdale House, Beckwith Knowle, Harrogate, HG3 1SATelephone: 0870 251 1000Fax: 01423 502 373
Powered by TCPDF (www.tcpdf.org)
7/7