• 18756 Stone Oak Park Way, Suite200, San Antonio TX 78258 USA
  • 100 Queen St W, Brampton, ON L6X 1A4, Canada
  • +1-800-961-0337
05/18/2020 05/22/2020
USD 3995 Live Online
07/06/2020 07/10/2020
USD 3995 Live Online
09/14/2020 09/18/2020
USD 3995 Live Online
11/02/2020 11/06/2020
USD 3995 Live Online

Implementing and Configuring Cisco Identity Services Engine (SISE v3.0)

After finishing this course, the student will have the capacity to meet these general destinations:

  • Portray the Cisco ISE design, establishment, and dispersed sending choices.

  • Arrange Network Access Devices (NADs), approach segments, and essential validation and approval strategies in Cisco ISE - Implement Cisco ISE web confirmation and visitor administrations.

  • Send Cisco ISE profiling, stance, and customer provisioning administrations.

  • Portray organization, observing, investigating, and TrustSec SGA security.

  • Design gadget organization utilizing TACACS+ in Cisco ISE

Who Should Attend

The gathering of people for this course is as per the following:

  • ISE Administrators/Engineers

  • Remote Administrators/Engineers

  • Counseling Systems Engineers

  • Specialized/Wireless/BYOD/Security Solutions Architects

  • ATP accomplice frameworks and field engineers

  • Frameworks integrators who introduce and execute the Cisco Identity Service Engine adaptation 2.1

Module 1: Introducing Cisco ISE Architecture and Deployment

Lesson 1: Using Cisco ISE as a Network Access Policy Engine

  • Cisco Identity Services Overview
  • Cisco Identity Solution Benefits
  • The Attack Continuum
  • Controlling Access to the Network
  • Security Challenges for IT Organizations
  • Concentrated Policy Management
  • Cisco Identity Solution Guest Use Case
  • Cisco Identity Solution BYOD Use Case
  • Cisco Identity Solution Profiling Use Case
  • Cisco Identity Solution Compliance Use Case
  • Cisco Identity Solution Security Group Access Use Case
  • Presenting the Components of a Cisco ISE Deployment
  • Secure Access Control
  • Portraying Cisco ISE Functions
  • Synopsis

Lesson 2: Introducing Cisco ISE Deployment Models

Presenting the Components of an ISE Deployment

  • Cisco ISE Nodes and Personas
  • Actualizing Nodes, Personas, and Roles
  • Administrator Node
  • Arrangement Service Node
  • Checking Node
  • pxGrid Services
  • Gatherer Agent
  • Arrangement Synchronization
  • Sending Options
  • Cisco ISE Communication Model
  • Presenting Context Visibility
  • Setting Visibility Benefits
  • Setting Visibility Wizard
  • Streamline Visibility Wizard
  • Synopsis

Lab 1: Configure Initial Cisco ISE setup, GUI Familiarization, framework testament use

Errand 1: Verify Cisco ISE setup utilizing CLI

Errand 2: Initial GUI login and Familiarization

Errand 3: Disable Profiling

Errand 4: Certificate enlistment

Module 2: Cisco ISE Policy Enforcement

Lesson 1: Introducing 802.1X and MAB Access: Wired and Wireless

  • IEEE 802.1X Primer
  • Macintosh Authentication Bypass
  • Review: Configure 802.1X and MAB
  • Synopsis

Lab 2: Integrate Cisco ISE with Active Directory

Errand 1: Configure Active Directory Integration

Errand 2: Configure LDAP Integration

Lesson 2: Introducing Identity Management

  • Personality Sources Overview
  • Interior Identity Sources
  • Outside Identity Sources
  • Multi-AD Overview and Configuration
  • Lightweight Directory Access Protocol
  • Range
  • SAMLv2
  • Personality Source Sequence
  • Synopsis

Lesson 3: Configuring Certificate Services

  • Testament Overview and Implementation
  • Confirmation Authority Services
  • Synopsis

Lesson 4: Introducing Cisco ISE Policy

  • Confirmation and Authorization Process
  • Word references, Identity Sources, and ISSs
  • Confirmation and Its Components
  • Approval and Its Components
  • Special case Policies and Policy Sets
  • Sessions in Cisco ISE
  • Synopsis

Lab 3: Configure Basic Policy on Cisco ISE

Errand 1: Policy Configuration for AD Employees and AD Contractors

Errand 2: Client Access – Wired

Errand 3: Client Access – Wireless

Errand 4: Network perceivability with Context Visibility

Lesson 5: Configuring Cisco ISE Policy Sets

  • Cisco ISE Policy Sets Overview
  • Worldwide versus Local Exception Processing

Lab 4: Configure Conversion to Policy Sets

Errand 1: Convert to Policy Set

Errand 2: Create Wired and Wireless Policy Sets

Errand 3: Creating a Global Exception

Errand 4: Testing Client Access Using Policy Sets

Lesson 6: Implementing Third-Party Network Access Device Support

  • Outsider NAD Support: Features and Workflows
  • Synopsis

Lesson 7: Introducing Cisco TrustSec

  • Presenting Cisco TrustSec

Lesson 8: Introducing EasyConnect

  • Simple Connect Overview
  • EasyConnect Modes and Flows
  • EasyConnect Configuration
  • Synopsis

Lab 5: Configure Access Policy for Easy Connect

Errand 1: Configure Cisco ISE to Support Easy Connect

Errand 2: Create Easy Connect Policy Sets

Errand 3: Test the Easy Connect Connection

Module 3: Web Auth and Guest Services

Lesson 1: Introducing Web Access with Cisco ISE

  • Web Authentication Overview
  • ISE Web Authentication Configuration Overview
  • Web Authentication Verification Overview
  • Synopsis

Lab 6: Configure Guest Access

Errand 1: Configure Guest Settings.

Errand 2: Configure Guest Locations.

Lesson 2: Introducing ISE Guest Access Components

  • Visitor Access Services Overview
  • Synopsis
  • Lesson 3: Configuring Guest Access Settings
  • Audit Guest Access Settings
  • Visitor Types Overview
  • Synopsis

Lab 7: Configure Guest Access Operations

Errand 1: Configure Cisco ISE visitor access with a hotspot entrance.

Assignment 2: Configure Cisco ISE visitor access for visitor self-enlistment. (Discretionary)

Assignment 3: Enable self-enlistment with support endorsement.

Errand 4: Create the records as a support (Optional).

Errand 5: Perform visitor account administration by means of the support entry.

Lesson 4: Configuring Portals: Sponsors and Guests

  • Cisco ISE Sponsor Components and Configuration

Lab 8: Create Guest Reports

Errand 1: Running Reports from Cisco ISE Dashboard

Module 4: Cisco ISE Profiler

Lesson 1: Introducing Cisco ISE Profiler

  • Prologue to the Profiler Service
  • Cisco ISE Probes
  • Profiling Policies
  • Synopsis

Lesson 2: Configuring Cisco ISE Profiling

  • Arrange Profiling on Cisco ISE Overview
  • Get ready for Profiling
  • Empower the Profiling Service
  • Profiling Probe Configuration
  • Arranging the Profiler Feed Service
  • Profiling Settings
  • Characterize Profiling Parameters
  • Arrange Profile Policies and Logical Profiles
  • NMAP Scan Actions
  • Go Live and Monitor
  • Synopsis

Lab 9: Configure Profiling

Errand 1: Configuring Profiling in Cisco ISE

Errand 2: Configure the Feed Service

Errand 3: Configuring Profiling in Cisco ISE

Errand 4: NAD Configuration for Profiling

Lab 10: Customize the Cisco ISE Profiling Configuration

Errand 1: Examine Endpoint Data

Errand 2: Create a Logical Profile

Errand 3: Creating a New Authorization Policy Using a Logical Profile

Errand 4: Create a Custom Profile Policy

Errand 5: Testing Authorization Policies with Profiling Data

Lab 11: Create Cisco ISE Profiling Reports

Assignment 1: Run the Cisco ISE Profiler Feed Reports

Assignment 2: Endpoint Profile Changes Report

Assignment 3: Context Visibility Dashlet Reports

Module 5: Cisco ISE BYOD

Lesson 1: Introducing the Cisco ISE BYOD Process

  • BYOD Problem and Solutions
  • BYOD Design

Lesson 2: Describing BYOD Flow

  • Outline

Lesson 3: Configuring My Devices Portal Settings

  • My Devices Portal Configuration
  • My Devices Portal End-User Experience

Lesson 4: Configuring Certificates in BYOD Scenarios

  • Nearby ISE CA Server and Local Certificates
  • Cisco ISE Certificates Set Up Walk-through

Lab 12: Configure BYOD

Assignment 1: Portal Provisioning

Assignment 2: Provisioning Configuration

Assignment 3: Configuring Policy

Assignment 4: Employee iPad Registration

Lab 13: Blacklisting a Device

Assignment 1: Blacklisting a Device

Assignment 2: Lost Access Verification.

Assignment 3: Endpoint Record Observations

Assignment 4: UnBlacklist the Device

Assignment 5: Verify Access Capability

Assignment 6: Blacklisting a Stolen Device

Module 6: Cisco ISE Endpoint Compliance Services

Lesson 1: Introducing Endpoint Compliance

  • Endpoint Compliance
  • Stance Service
  • Stance Conditions
  • Consistence Module
  • Stance Flow
  • Cisco ISE Posture Agents
  • Stance Operational Modes
  • Stance Service Deployment and Licensing
  • Rundown

Lab 14: Configure Compliance Services on Cisco ISE

Undertaking 1: Posture Preparation

Undertaking 2: Authorization Profiles

Undertaking 3: Adjusting Authorization Policy for Compliance

Lesson 2: Configuring Client Posture Services and Provisioning in Cisco ISE

  • Customer Provisioning
  • Stance Configuration Procedure
  • Get ready
  • Customer Provisioning Resources
  • Stance General Settings
  • Stance Policy
  • Customer Provisioning Portal
  • Customer Provisioning Policy
  • Extra Configuration Tasks
  • Synopsis

Lab 15: Configure Client Provisioning

Errand 1: Client Updates

Errand 2: Client Resources

Errand 3: Client Provisioning Policies

Lab 16: Configure Posture Policies

Assignment 1: Configure Posture Conditions

Assignment 2: Configuring Posture Remediation

Assignment 3: Configuring Posture Requirements

Assignment 4: Configuring Posture Policies

Lab 17: Test and Monitor Compliance Based Access

Assignment 1: AnyConnect Unified Agent Access

Assignment 2: Web Agent Access (Optional)

Lab 18: Test Compliance Policy

Assignment 1: Configure a Faulty Policy

Assignment 2: Use Posture Reports for Troubleshooting

Assignment 3: Using the Posture Troubleshooter

Assignment 4: Policy Correction and Testing

Module 7: Cisco ISE with AMP and VPN-Based Services

Lesson 1: Introducing VPN Access Using Cisco ISE

  • AAA – External Authentication
  • Utilizing Cisco ASA for VPN Authentication
  • VPN Access Configuration Overview
  • Outline

Lab 19: Configure Cisco ISE for VPN Access

Assignment 1: Preparing the Lab

Assignment 2: Testing VPN Client Access

Lesson 2: Configuring Cisco AMP for ISE

  • Danger Centric NAC Overview
  • Danger Centric NAC Configuration
  • Outline

Lab 20: Configure Threat-Centric NAC utilizing Cisco AMP

Assignment 1: Configuring the Cisco AMP Cloud

Assignment 2: Configuring Posture Policies and Conditions

Assignment 3: Configuring Posture, AMP and AnyConnect Profiles

Assignment 4: Enabling and Provisioning TC-NAC Services

Assignment 5: Verify Provisioning of AMP for Endpoints (Optional)

Module 8: Cisco ISE Integrated Solutions with APIs

Lesson 1: Introducing Location-Based Authorization

  • Presenting Location-Based Authorization

Lesson 2: Introducing Cisco ISE 2.x pxGrid

  • pxGrid Framework
  • pxGrid on Cisco ISE
  • Setting Up the Topic
  • Utilize Case: pxGrid for Rapid Threat Detection

Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration

Assignment 1: Configuring Cisco ISE System Certificates for REST and pxGrid

Assignment 2: Preparing the Cisco WSA

Assignment 3: Configuring Security Groups, Authorization Policy, and Enabling pxGrid on ISE

Assignment 4: Enabling pxGrid on WSA

Assignment 5: WSA Identity and Access Policies (Optional)

Assignment 6: Testing Corporate PC (Optional)

Module 9: Working with Network Access Devices

Lesson 1: Configuring TACACS+ for Cisco ISE Device Administration

  • Survey TACACS+
  • Cisco ISE TACACS+ Device Administration
  • Arrange TACACS Device Administration
  • TACACS Device Administration Guidelines and Best Practices
  • Moving from Cisco ACS to Cisco ISE
  • Synopsis

Lab 22: Configure Cisco ISE for Basic Device Administration

Errand 1: Policy Configuration for AD Employees and AD Contractors

Lab 23: Configure TACACS+ Command Authorization

Errand 1: Configure Command Sets

Errand 2: TACACS+ Features

Module 10: Cisco ISE Design (Self-Study)

Lesson 1: Designing and Deployment Best Practices

  • Cisco ISE Planning and Pre-arrangement
  • Cisco ISE Sizing and Scaling Practices

Lesson 2: Performing Cisco ISE Installation and Configuration Best Practices

  • Cisco ISE Deployment Best Practices
  • ISE Certificates Best Practices
  • ISE Profiling Best Practices
  • Online interfaces Best Practices
  • Logging and Troubleshooting Best Practices

Lesson 3: Deploying Failover and High-Availability

  • PSN HA or Load Sharing
  • Sending Monitoring Personas
  • Setting up the Network Infrastructure

Module 11: Configuring Third-Party NAD Support

  • (Discretionary/Self-Study/Reference)
  • Lesson 1: Configuring Third-Party NAD Support (Optional, Self-Study, or Reference)
  • Arranging Third-Party NAD Support
  • Outline

The student is relied upon to have the accompanying aptitudes and learning before going to this course:

  • Recognition with Cisco IOS CLI

  • Recognition with Cisco ASA

  • Recognition with Cisco VPN customers

  • Recognition with MicroSoft Windows Operating Systems

  • Recognition with 802.1X

Are you being sponsored by your employer to take this class?
Contact No.
  • *I authorize Microtek Learning to contact me via Phone/Email