Search 6,000+ CA Community College Courses

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CourseHorse

SISE v4.0 - Implementing and Configuring Cisco® Identity Services Engine (Live Online)

via CourseHorse

Go to class Write review

Overview

This course discusses the Cisco Identity Services Engine (ISE), an identity and access control policy platform that provides a single policy plane across the entire organization,combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.To participate in the hands-on labs in this class, you need to bring a laptopcomputer with the following:Windows 7 or 8.1 or 10 is recommended. Mac OSX 10.6 or greater is supported as well.Intel Celeron or better processors are preferred.1 GB or more of RAMBrowser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine's capabilities.If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client.If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptopPC and/or a compatible iPad or Android tablet. The recommended system requirements and instructions to access the course kit content can be found at the following link: Digital Course Kit Requirements and InstructionsPlease be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.Objective:Upon completing this course, the learner will be able to meet these overall objectives:Describe Cisco ISE architecture, installation, and distributed deployment options.Configure Network Access Devices (NADs), policy components, and basicauthentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services.Deploy Cisco ISE profiling, posture and client provisioning services.Describe administration, monitoring, troubleshooting, and TrustSec SGA security.Configure device administration using TACACS+ in Cisco ISEPrerequisites:The learner is expected to have the following skills and knowledge before attending thiscourse:Familiarity with Cisco IOS CLIFamiliarity with Cisco ASAFamiliarity with Cisco VPN clientsFamiliarity with MicroSoft Windows Operating SystemsFamiliarity with 802.1XWho Should Attend:The audience for this course is as follows:ISE Administrators/EngineersWireless Administrators/EngineersConsulting Systems EngineersTechnical/Wireless/BYOD/Security Solutions ArchitectsATP partner systems and field engineersSystems integrators who install and implement the Cisco Identity Service Engine version 2.1Course OutlineModule 1: Introducing Cisco ISE Architecture and DeploymentLesson 1: Using Cisco ISE as a Network Access Policy EngineCisco Identity Services OverviewCisco Identity Solution BenefitsThe Attack ContinuumControlling Access to the NetworkSecurity Challenges for IT OrganizationsCentralized Policy ManagementCisco Identity Solution Guest Use CaseCisco Identity Solution BYOD Use CaseCisco Identity Solution Profiling Use CaseCisco Identity Solution Compliance Use CaseCisco Identity Solution Security Group Access Use CaseIntroducing the Components of a Cisco ISE DeploymentSecure Access ControlDescribing Cisco ISE FunctionsSummaryLesson 2: Introducing Cisco ISE Deployment ModelsIntroducing the Components of an ISE DeploymentCisco ISE Nodes and PersonasImplementing Nodes, Personas, and RolesAdmin NodePolicy Service NodeMonitoring NodepxGrid ServicesCollector AgentPolicy SynchronizationDeployment OptionsCisco ISE Communication ModelIntroducing Context VisibilityContext Visibility BenefitsContext Visibility WizardStreamline Visibility WizardSummaryLab 1: Configure Initial Cisco ISE setup, GUI Familiarization, system certificate usageTask 1: Verify Cisco ISE setup using CLITask 2: Initial GUI login and FamiliarizationTask 3: Disable ProfilingTask 4: Certificate enrollmentModule 2: Cisco ISE Policy EnforcementLesson 1: Introducing 802.1X and MABAccess: Wired and WirelessIEEE 802.1X PrimerMAC Authentication BypassOverview: Configure 802.1X and MABSummaryLab 2: Integrate Cisco ISE with Active DirectoryTask 1: Configure Active Directory IntegrationTask 2: Configure LDAP IntegrationLesson 2: Introducing Identity ManagementIdentity Sources OverviewInternal Identity SourcesExternal Identity SourcesMulti-AD Overview and ConfigurationLightweight Directory Access ProtocolRADIUSSAMLv2Identity Source SequenceSummaryLesson 3: Configuring Certificate ServicesCertificate Overview and ImplementationCertification Authority ServicesSummaryLesson 4: Introducing Cisco ISE PolicyAuthentication and Authorization ProcessDictionaries, Identity Sources, and ISSsAuthentication and Its ComponentsAuthorization and Its ComponentsException Policies and Policy SetsSessions in Cisco ISESummaryLab 3: Configure Basic Policy on Cisco ISETask 1: Policy Configuration for AD Employees and AD ContractorsTask 2: Client Access – WiredTask 3: Client Access – WirelessTask 4: Network visibility with Context VisibilityLesson 5: Configuring Cisco ISE Policy SetsCisco ISE Policy Sets OverviewGlobal versus Local Exception ProcessingLab 4: Configure Conversion to Policy SetsTask 1: Convert to Policy SetTask 2: Create Wired and Wireless Policy SetsTask 3: Creating a Global ExceptionTask 4: Testing Client Access Using Policy SetsLesson 6: Implementing Third-Party Network Access Device SupportThird-Party NAD Support: Features and WorkflowsSummaryLesson 7: Introducing Cisco TrustSecIntroducing Cisco TrustSecLesson 8: Introducing EasyConnectEasy Connect OverviewEasyConnect Modes and FlowsEasyConnect ConfigurationSummaryLab 5: Configure Access Policy for Easy ConnectTask 1: Configure Cisco ISE to Support Easy ConnectTask 2: Create Easy Connect Policy SetsTask 3: Test the Easy Connect ConnectionModule 3: Web Auth and Guest ServicesLesson 1: Introducing Web Access withCisco ISE Web Authentication OverviewISE Web Authentication Configuration OverviewWeb Authentication Verification OverviewSummaryLab 6: Configure Guest AccessTask 1: Configure Guest Settings.Task 2: Configure Guest Locations.Lesson 2: Introducing ISE Guest Access ComponentsGuest Access Services OverviewSummaryLesson 3: Configuring Guest Access SettingsReview Guest Access SettingsGuest Types OverviewSummaryLab 7: Configure Guest Access OperationsTask 1: Configure Cisco ISE guest access with a hotspot portal.Task 2: Configure Cisco ISE guest access for guest self-registration.(Optional)Task 3: Enable self-registration with sponsor approval.Task 4: Create the accounts as a sponsor (Optional).Task 5: Perform guest account management via the sponsor portal.Lesson 4: Configuring Portals: Sponsors and GuestsCisco ISE Sponsor Components and ConfigurationLab 8: Create Guest ReportsTask 1: Running Reports from Cisco ISE DashboardModule 4: Cisco ISE ProfilerLesson 1: Introducing Cisco ISE ProfilerIntroduction to the Profiler ServiceCisco ISE ProbesProfiling PoliciesSummaryLesson 2: Configuring Cisco ISE ProfilingConfigure Profiling on Cisco ISE OverviewPrepare for ProfilingEnable the Profiling ServiceProfiling Probe ConfigurationConfiguring the Profiler Feed ServiceProfiling SettingsDefine Profiling ParametersConfigure Profile Policies and Logical ProfilesNMAP Scan ActionsGo Live and MonitorSummaryLab 9: Configure ProfilingTask 1: Configuring Profiling in Cisco ISETask 2: Configure the Feed ServiceTask 3: Configuring Profiling in Cisco ISETask 4: NAD Configuration for ProfilingLab 10: Customize the Cisco ISE Profiling ConfigurationTask 1: Examine Endpoint DataTask 2: Create a Logical ProfileTask 3: Creating a New Authorization Policy Using a Logical ProfileTask 4: Create a Custom Profile PolicyTask 5: Testing Authorization Policies with Profiling DataLab 11: Create Cisco ISE Profiling ReportsTask 1: Run Cisco ISE Profiler Feed ReportsTask 2: Endpoint Profile Changes ReportTask 3: Context Visibility Dashlet ReportsModule 5: Cisco ISE BYODLesson 1: Introducing the Cisco ISE BYOD ProcessBYOD Problem and SolutionsBYOD DesignLesson 2: Describing BYOD FlowSummaryLesson 3: Configuring My Devices Portal SettingsMy Devices Portal ConfigurationMy Devices Portal End-User ExperienceLesson 4: Configuring Certificates in BYOD ScenariosLocal ISE CA Server and Local CertificatesCisco ISE Certificates Set Up Walk-throughLab 12: Configure BYODTask 1: Portal ProvisioningTask 2: Provisioning ConfigurationTask 3: Configuring PolicyTask 4: Employee iPad RegistrationLab 13: Blacklisting a DeviceTask 1: Blacklisting a DeviceTask 2: Lost Access Verification.Task 3: Endpoint Record ObservationsTask 4: UnBlacklist the DeviceTask 5: Verify Access CapabilityTask 6: Blacklisting a Stolen DeviceModule 6: Cisco ISE Endpoint Compliance ServicesLesson 1: Introducing Endpoint ComplianceEndpoint CompliancePosture ServicePosture ConditionsCompliance ModulePosture FlowCisco ISE Posture AgentsPosture Operational ModesPosture Service Deployment and LicensingSummaryLab 14: Configure Compliance Services on Cisco ISETask 1: Posture PreparationTask 2: Authorization ProfilesTask 3: Adjusting Authorization Policy for ComplianceLesson 2: Configuring Client Posture Services and Provisioning in Cisco ISEClient ProvisioningPosture Configuration ProcedurePrepareClient Provisioning ResourcesPosture General SettingsPosture PolicyClient Provisioning PortalClient Provisioning PolicyAdditional Configuration TasksSummaryLab 15: Configure Client ProvisioningTask 1: Client UpdatesTask 2: Client ResourcesTask 3: Client Provisioning PoliciesLab 16: Configure Posture PoliciesTask 1: Configure Posture ConditionsTask 2: Configuring Posture RemediationTask 3: Configuring Posture RequirementsTask 4: Configuring Posture PoliciesLab 17: Test and Monitor Compliance Based AccessTask 1: AnyConnect Unified Agent AccessTask 2: Web Agent Access (Optional)Lab 18: Test Compliance PolicyTask 1: Configure a Faulty PolicyTask 2: Use Posture Reports for TroubleshootingTask 3: Using the Posture TroubleshooterTask 4: Policy Correction and TestingModule 7: Cisco ISE with AMP and VPN-Based ServicesLesson 1: Introducing VPN Access Using Cisco ISEAAA – External AuthenticationUsing Cisco ASA for VPN AuthenticationVPN Access Configuration OverviewSummaryLab 19: Configure Cisco ISE for VPN AccessTask 1: Preparing the LabTask 2: Testing VPN Client AccessLesson 2: Configuring Cisco AMP for ISEThreat Centric NAC OverviewThreat Centric NAC ConfigurationSummaryLab 20: Configure Threat-Centric NAC using Cisco AMPTask 1: Configuring the Cisco AMP CloudTask 2: Configuring Posture Policies and ConditionsTask 3: Configuring Posture, AMP and AnyConnect ProfilesTask 4: Enabling and Provisioning TC-NAC ServicesTask 5: Verify Provisioning of AMP for Endpoints (Optional)Module 8: Cisco ISE Integrated Solutions with APIsLesson 1: Introducing Location-Based AuthorizationIntroducing Location-Based AuthorizationLesson 2: Introducing Cisco ISE 2.x pxGridpxGrid FrameworkpxGrid on Cisco ISESetting Up the TopicUse Case: pxGrid for Rapid Threat DetectionLab 21: Configure Cisco ISE pxGrid and Cisco WSA IntegrationTask 1: Configuring Cisco ISE System Certificates for REST and pxGridTask 2: Preparing the Cisco WSATask 3: Configuring Security Groups, Authorization Policy, and EnablingpxGrid on ISETask 4: Enabling pxGrid on WSATask 5: WSA Identity and Access Policies (Optional)Task 6: Testing Corporate PC (Optional)Module 9: Working with Network Access DevicesLesson 1: Configuring TACACS+ for Cisco ISE Device AdministrationReview TACACS+Cisco ISE TACACS+ Device AdministrationConfigure TACACS Device AdministrationTACACS Device Administration Guidelines and Best PracticesMigrating from Cisco ACS to Cisco ISESummaryLab 22: Configure Cisco ISE for Basic Device AdministrationTask 1: Policy Configuration for AD Employees and AD ContractorsLab 23: Configure TACACS+ Command AuthorizationTask 1: Configure Command SetsTask 2: TACACS+ FeaturesModule 10: Cisco ISE Design (Self-Study)Lesson 1: Designing and Deployment Best PracticesCisco ISE Planning and Pre-deploymentCisco ISE Sizing and Scaling PracticesLesson 2: Performing Cisco ISE Installation and Configuration Best PracticesCisco ISE Deployment Best PracticesISE Certificates Best PracticesISE Profiling Best PracticesWeb Portals Best PracticesLogging and Troubleshooting Best PracticesLesson 3: Deploying Failover and High-AvailabilityPSN HA or Load SharingDeploying Monitoring PersonasPreparing the Network InfrastructureModule 11: Configuring Third Party NAD Support (Optional/Self-Study/Reference)Lesson 1: Configuring Third-Party NAD Support (Optional, Self-Study, or Reference)Configuring Third-Party NAD SupportSummary

Taught by

ONLC Training Centers

Reviews

4.6 rating at CourseHorse based on 7 ratings

Start your review of SISE v4.0 - Implementing and Configuring Cisco® Identity Services Engine (Live Online)

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.