Implementing and Configuring Cisco Identity Services Engine v1.1 ...

Authorized Training That Optimizes Your Network… And Advances Your Career

Implementing and Configuring Cisco Identity Services Engine v1.1 (SISE) Course Overview: This is a five day course based on Cisco Identity Services Engine (ISE) version 1.1.1, a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

Who will benefit from this course? The primary audience for this course is as follows:  Cisco Channel Parnter SEs and FEs  Field engineers, network administrators, and consulting systems engineers who implement and maintain the Cisco ISE in enterprise networks  Security architects, design engineers, network designers, and others seeking hands-on experience with the Cisco ISE

Prerequisites: It is recommended that students have the following prior to attending this course:  CCNA Security Certification  Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications  Foundation-level wireless knowledge and skills

 Basic knowledge of Cisco IOS networking concepts

Sunset Learning Differentiators:  World Class Instruction Team o All instructors hold Certified Cisco Systems Instructor (CCSI) certification. o All instructors have a four-year technical degree or equivalent work experience. o All instructors have a minimum of either four years teaching technical networking classes or five years consulting experience.

 Enhanced Learning Experience o The goal of our instructors during class is ensure students understand the material, guide them through our up to date labs and encourage questions and interactive discussions. Enjoyment of the learning process is a primary objective for Sunset Learning instructors.

 High Quality “Real World” Lab Environments o Course offerings include real-time access to labs with the latest Cisco equipment o Result is real world experiences to help students prepare for actual networking environments. o Hands on experience aids in Cisco exam preparation.

 Outstanding Customer Service o Dedicated program manager o Quality instruction team

o o

Sunset Learning Institute

www.sunsetlearning.com | 888.888.5251

Authorized Cisco Learning Partner Specialized

Creatively designed curriculum to meet your specific needs Delivery at your location or ours

Authorized Training That Optimizes Your Network… And Advances Your Career

Course Objectives: Upon successful completion of this course, students should be able to meet these overall objectives:  Describe Cisco ISE architecture, installation, and distributed deployment options  Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE  Implement Cisco ISE web authentication and guest services  Deploy Cisco ISE profiling, posture, and client provisioning services  Describe administration, monitoring, troubleshooting, and TrustSec SGA security

Course Outline: Module 1: Cisco ISE Product Overview Lesson 1: Introducing the Cisco ISE  Overview of Cisco TrustSec  Overview of Cisco ISE Lesson 2: Getting Started with Cisco ISE  Installing Cisco ISE  Network Time Protocol  Cisco ISE Certificates  Monitoring Basics

 Cisco ISE Architecture  Cisco ISE Deployment Options  Configuring and Verifying Cisco ISE Distributed Deployment

 Lab 1-1: Installing the Cisco ISE  Lab 1-2: Certificate Operations  Lab 1-3: Cisco ISE Node Deployment

Module 2: Cisco ISE Authentication and Authorization Lesson 1: Configuring Basic Access  NAD Overview  IEEE 802.1X Primer  Cisco Switch Configuration  Cisco WLC Configuration  Cisco ASA Appliance Configuration

    

Cisco ISE Authentication Process Internal Databases Simple Authentication Rule-Based Authentication Sessions in Cisco ISE

Lesson 2: Understanding External Authentication  External Authentication Process  Identity Source Sequencing  Active Directory  Authentication Support and Performance  Active Directory  Lab 2-1: Configure and Add Network Access Devices  Lightweight Directory Access Protocol to Cisco ISE  RADIUS  Lab 2-2: Configure External Identity Sources  Certificates

Sunset Learning Institute

www.sunsetlearning.com | 888.888.5251

Authorized Cisco Learning Partner Specialized

Authorized Training That Optimizes Your Network… And Advances Your Career

Lesson 3: Using Cisco ISE Dictionaries  Overview of Cisco ISE Dictionaries  Read-Only Dictionaries Lesson 4: Configuring Authorization  Authorization Policies and Components  Authorization Policy Configuration  Exception Policies

 Administrable Dictionaries  Lab 2-3: Examine Cisco ISE Dictionaries  Lab 2-4: Basic Cisco ISE Policies  Lab 2-5: Configuring Multiple Cisco ISE Policies

Module 3: Web Authentication and User Access Management Lesson 1: Implementing Web Authentication  Web Authentication Overview  Configuring ISE Web Authentication Lesson 2: Implementing Guest Services  Guest Service Overview  Preparing the Deployment  Configuring Sponsor Portal  Configuring Guest Portal

 Verifying Web Authentication

   

Creating Guest Accounts Verifying Guest Accounts Lab 3-1: Configuring Cisco ISE Guest Services Lab 3-2: Guest Services Self-Registration

Module 4: Cisco ISE Profiler, Posture, and Endpoint Protection Services Lesson 1: Implementing Cisco ISE Profiler Service  Profiler Service Overview  Verifying Profiling  Configuring Profiling on Cisco ISE  Lab 4-1: Configuring Cisco ISE for Profiling Lesson 2: Implementing Cisco ISE Posture Service  Posture Service Overview  Configuring the Posture Policy  Configuring Cisco ISE for Client Provisioning  Verifying the Posture Service  Adapting the Authorization Policy for Posture  Lab 4-2: Configuring Cisco ISE for Posture Compliance

Assessment

 Configuring the Posture System Settings Lesson 3: Implementing Cisco ISE Endpoint Protection Services  EPS Overview  Monitoring EPS  Configuring EPS  Lab 4-3: Endpoint Protections Services Lesson 4: Implementing BYOD  BYOD Overview  Designing BYOD  Dual SSID BYOD Design

Sunset Learning Institute

www.sunsetlearning.com | 888.888.5251

Authorized Cisco Learning Partner Specialized

 Device Onboarding User Experience  Lab 4-4: BYOD

Authorized Training That Optimizes Your Network… And Advances Your Career

Module 5: Reports, Monitoring, Troubleshooting, and Security Lesson 1: Implementing Inline Posture and TrustSec Security  Inline Posture  MAC Security  Security Group Access Lesson 2: Describing the Cisco ISE Architecture  Cisco ISE Deployment Types  Deploying Monitoring Personas

 Preparing the Network Infrastructure

Lesson 3: Performing Cisco ISE Administration and Maintenance  Role-Based Access Control  Backing Up and Restoring the System Configuration  Cisco ISE Licensing Lesson 4: Using Cisco ISE Reporting, Monitoring,  Cisco ISE Dashboard Monitoring  Implementing Logging  Managing Alarms  Cisco ISE Reports  Troubleshooting the Network  Backing Up and Restoring the Monitoring Database  Lab 5-1: Logging Setup

and Troubleshooting  Lab 5-2: Cisco ISE Reporting  Lab 5-3: Working with Cisco ISE Monitoring and Troubleshooting

 Lab 5-4: Patching Cisco ISE  Lab A-1: GUI Orientation  Lab A-2: Admin Access

Labs: Lab 1-1: Installing the Cisco ISE Lab 1-2: Certificate Operations Lab 1-3: Cisco ISE Node Deployment Lab 2-1: Configure and Add Network Access Devices to Cisco ISE Lab 2-2: Configure External Identity Sources Lab 2-3: Examine Cisco ISE Dictionaries Lab 2-4: Basic Cisco ISE Policies Lab 2-5: Configuring Multiple Cisco ISE Policies Lab 3-1: Configuring Cisco ISE Guest Services Lab 3-2: Guest Services Self-Registration Lab 4-1: Configuring Cisco ISE for Profiling Lab 4-2: Configuring Cisco ISE for Posture Assessment Lab 4-3: Endpoint Protections Services Lab 4-4: BYOD Lab 5-1: Logging Setup Lab 5-2: Cisco ISE Reporting Lab 5-3: Working with Cisco ISE Monitoring and Troubleshooting Lab 5-4: Patching Cisco ISE Lab A-1: GUI Orientation Lab A-2: Admin Access

Sunset Learning Institute

www.sunsetlearning.com | 888.888.5251

Authorized Cisco Learning Partner Specialized