This 5-day training course from Arrow ECS teaches students how to implement and configure the Cisco Identity Services Engine (ISE). The course provides hands-on experience setting up ISE to support authentication, authorization, accounting, and policy-based networking. Key topics covered include installing and deploying ISE, configuring network devices and policies, implementing guest services, profiling, posture assessment, and troubleshooting. The target audience includes Cisco partners, network administrators, and security professionals. Prerequisites include networking and security experience. The course is available on-request from Arrow ECS and can also be delivered on-site.
Configure Cisco ISE for Authentication, Authorization & Policy
1. Implementing and Configuring the Cisco
Identity Services Engine
Information
Length: 5 Days
Course code: CIS_SISE
Price £2,175
Session dates
On request. Please contact us.
This training is also available as
onsite training.
Please contact us on
0870 251 1000 or email
training@arrowecs.co.uk
for more information.
Programme
The Implementing and Configuring the Cisco Identity Services Engine course
provides security and system engineers and administrators an intensive hands-on
experience in setting up, deploying and managing the Cisco Identity Services Engine
(ISE) to support authentication, authorization, accounting and policy-based
networking for devices and users. Students will walk through a complete install,
configure the network and devices, and use ISE as a policy engine to protect the
network. Hands-on labs include:
Installing the Cisco ISE
Certificate Operations
Cisco ISE Node Deployment
Configure and Add Network Access Devices to Cisco ISE
Implementing ISE to support BYOD
Configuring Multiple Cisco ISE Policies
Configuring Cisco ISE Guest Services
Guest Services Self-Registration
Configuring Cisco ISE for Profiling
Configuring Cisco ISE for Posture Assessment
Cisco ISE Reporting
Working with Cisco ISE Monitoring and Troubleshooting
Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
Describe Cisco ISE architecture, installation, and distributed deployment options.
Configure Network Access Devices, Policy Components and Basic
Authentication and Authorization Policies in Cisco ISE.
1/7
2. Implement Cisco ISE web authentication and guest services.
Deploy Cisco ISE profiling and posture service.
Describe administration, monitoring, troubleshooting, and TrustSec SGA
security.
Participants
The primary audience for this course is as follows:
Cisco Channel Partner SEs and FEs that are seeking to meet the education
requirements to attain ATP authorization to sell Cisco ISE.
Field engineers, network administrators, and consulting systems engineers who
implement and maintain the Cisco ISE in enterprise networks.
Security architects, design engineers, network designers and others seeking
hands-on experience with the Cisco ISE.
The secondary audience for this course is as follows:
Security architects, design engineers, and others seeking
hands-on experience with Cisco ISE.
Prerequisites
The knowledge that a learner should have before attending this
course is as follows:
CCNA or equivalent level of experience with Cisco infrastructures. The Course
Interconnecting Cisco Network Devices Part 2 Version 2.0 (ICND2) provides the
prerequisite knowledge
CCNA Security or equivalent level of experience with Cisco infrastructures. The
course Implementing Cisco IOS Network Security (IINS) provides the
prerequisite knowledge
Familiarity with Microsoft Windows and Microsoft Active Directory
Familiarity with 802.1X. The course Introduction to 802.1X Operations for Cisco
Security Professionals (802.1X) provides the prerequisite knowledge
Programme
Module 1: Cisco ISE Product Overview
2/7
3. Lesson 1: Introducing the Cisco ISE
Overview of Cisco TrustSec
Overview of Cisco ISE
Cisco ISE Architecture
Cisco ISE Deployment Options
Lesson 2: Getting Started with Cisco ISE
Installing Cisco ISE
Network Time Protocol
Cisco ISE Certificates
Monitoring Basics
Configuring and Verifying Cisco ISE Distributed
Deployment
Lab 1-1: Installing the Cisco ISE
Lab 1-2: Certificate Operations
Lab 1-3: Cisco ISE Node Deployment
Module 2: Cisco ISE Authentication and Authorization
Lesson 1: Configuring Basic Access
NAD Overview
IEEE 802.1X Primer
Cisco Switch Configuration
Cisco WLC Configuration
Cisco ASA Appliance Configuration
Cisco ISE Authentication Process
Internal Databases
Simple Authentication
Rule-Based Authentication
Sessions in Cisco ISE
Lesson 2: Understanding External Authentication
3/7
4. External Authentication Process
Active Directory
Active Directory
Lightweight Directory Access Protocol
RADIUS
Certificates
Identity Source Sequencing
Authentication Support and Performance
Lab 2-1: Configure and Add Network Access Devices
to Cisco ISE
Lab 2-2: Configure External Identity Sources
Lesson 3: Using Cisco ISE Dictionaries
Overview of Cisco ISE Dictionaries
Read-Only Dictionaries
Administrable Dictionaries
Lab 2-3: Examine Cisco ISE Dictionaries
Lesson 4: Configuring Authorization
Authorization Policies and Components
Authorization Policy Configuration
Exception Policies
Lab 2-4: Basic Cisco ISE Policies
Lab 2-5: Configuring Multiple Cisco ISE Policies
Module 3: Web Authentication and User Access Management
Lesson 1: Implementing Web Authentication
Web Authentication Overview
Configuring ISE Web Authentication
4/7
5. Verifying Web Authentication
Lesson 2: Implementing Guest Services
Guest Service Overview
Preparing the Deployment
Configuring Sponsor Portal
Configuring Guest Portal
Creating Guest Accounts
Verifying Guest Accounts
Lab 3-1: Configuring Cisco ISE Guest Services
Lab 3-2: Guest Services Self-Registration
Module 4: Cisco ISE Profiler, Posture, and Endpoint Protection Services
Lesson 1: Implementing Cisco ISE Profiler Service
Profiler Service Overview
Configuring Profiling on Cisco ISE
Verifying Profiling
Lab 4-1: Configuring Cisco ISE for Profiling
Lesson 2: Implementing Cisco ISE Posture Service
Posture Service Overview
Configuring Cisco ISE for Client Provisioning
Adapting the Authorization Policy for Posture Compliance
Configuring the Posture System Settings
Configuring the Posture Policy
Verifying the Posture Service
Lab 4-2: Configuring Cisco ISE for Posture Assessment
Lesson 3: Implementing Cisco ISE Endpoint Protection
5/7
6. Services
EPS Overview
Configuring EPS
Monitoring EPS
Lab 4-3: Endpoint Protections Services
Lesson 4: Implementing BYOD
BYOD Overview
Designing BYOD
Dual SSID BYOD Design
Device Onboarding User Experience
Lab 4-4: BYOD
Module 5: Reports, Monitoring, Troubleshooting, and Security
Lesson 1: Implementing Inline Posture and TrustSec
Security
Inline Posture
Security Group Access
MAC Security
Lesson 2: Describing the Cisco ISE Architecture
Cisco ISE Deployment Types
Deploying Monitoring Personas
Preparing the Network Infrastructure
Lesson 3: Performing Cisco ISE Administration and
Maintenance
Role-Based Access Control
Cisco ISE Licensing
Backing Up and Restoring the System Configuration
6/7
7. Lesson 4: Using Cisco ISE Reporting, Monitoring, and
Troubleshooting
Cisco ISE Dashboard Monitoring
Implementing Logging
Managing Alarms
Cisco ISE Reports
Troubleshooting the Network
Backing Up and Restoring the Monitoring Database
Lab 5-1: Logging Setup
Lab 5-2: Cisco ISE Reporting
Lab 5-3: Working with Cisco ISE Monitoring and
Troubleshooting
Lab 5-4: Patching Cisco ISE
Lab A-1: GUI Orientation
Lab A-2: Admin Access
Contact us at:
Telephone: 0870 251 1000
Email: educationteam@arrowecs.co.uk, mscott@arrow.com
Address: Arrow ECS, Nidderdale House, Beckwith Knowle, Harrogate, HG3 1SA
Telephone: 0870 251 1000
Fax: 01423 502 373
Powered by TCPDF (www.tcpdf.org)
7/7