CI-SISE
Classroom Training
Modality: C
Duration 5 days
Price
- Canada: CAD 5,195
- Cisco Learning Credits: 40 CLC
Online Training
Modality: L
Duration 5 days
Price
- Canada: CAD 5,195
- Cisco Learning Credits: 40 CLC
Onsite Training
Request training
Implementing and Configuring Cisco Identity Services Engine (SISE)
Download PDF
Course Content
Implementing and Configuring Cisco Identity Services Engine v2.1 (SISE), using v2.3 hands on labs, is an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services into a single context-aware identity-based platform. You will learn how to configure and administer many of the services, including authentication, authorization and accounting (AAA), posture, profiling, device on-boarding and guest management. You will also learn the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.
Who should attend
- ISE Administrators/Engineers
- Wireless Administrators/Engineers
- Consulting Systems Engineers
- Technical/Wireless/BYOD/Security Solutions Architects
- ATP partner systems and field engineers
- Systems integrators who install and implement the Cisco Identity Service Engine
Do you belong in SISE? Meet Carson.
Carson is a wireless administrator for a corporation in Durham, NC. Last year, his company began expressing a need to better manage its network and those utilizing it. That’s when Carson saw an opportunity at Fast Lane. Understanding the value of SISE, Carson enrolled in Fast Lane’s SISE training. Upon completing the 5-day course, Carson was able to return to work and successfully implement an ISE architecture for his business and allow it to control every single detail of its network and network users.
Prerequisites
- CCNA or equivalent level of experience with Cisco infrastructures. The Course Interconnecting Cisco Network Devices Part 2 (ICND2) provides the prerequisite knowledge
- CCNA Security or equivalent level of experience with Cisco infrastructures. The course Implementing Cisco Network Security v3.0 (IINS) provides the prerequisite knowledge
- Familiarity with Microsoft Windows Administering Windows Server 2012 (20411) will provide the prerequisite knowledge
- Familiarity with 802.1X. The course Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) provides the prerequisite knowledge
Course Objectives
- Describe Cisco ISE architecture, installation, and distributed deployment options
- Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services
- Deploy Cisco ISE profiling, posture and client provisioning services
- Describe administration, monitoring, troubleshooting, and TrustSec SGA security
- Configure device administration using TACACS+ in Cisco ISE
Follow On Courses
Outline: Implementing and Configuring Cisco Identity Services Engine (SISE)
Module 1: Introducing Cisco ISE Architecture and Deployment
- Security challenges
- Cisco ISE solutions Use Cases
- Guest use
- BYOD
- Profiling
- Compliance
- Security group access
- Secure Access Control
- ISE function
- ISE deployment components
- Admin node
- Policy service node
- Monitoring node
- pxGrid Services
- Policy synchronization
- Deployment options
- Context visibility
- Benefits
- Wizard
- Streamline wizard
Module 2: Cisco ISE Policy Enforcement
- IEEE 802.1X primeer
- MAC authentication bypass
- 802.1X and MAB
- Identity sources
- Multi-AD overview and configuration
- Lightweight directory access protocol
- RADIUS
- SAMLv2
- Identity source sequence
- Certification authority services
- Authentication and authorization process
- Exception policies and policy sets
- Global vs local exception processing
- Third-party NAD support
- Cisco TrustSec
- Easy connect
- Overview
- Modes and flows
- Configuration
Module 3: Web Auth & Guest Services
- Web authentication overview
- Guest access services overview
- Guest access settings
- ISE sponsor components and configuration
Module 4: Cisco ISE Profiler
- Profiler service and policies
- Configure
- Prepare
- Enable
- Probe configuration
- Feed service
- Settings
- Profiling parameters
- NMAP scan action
Module 5: Cisco ISE BYOD
- Problem and solutions
- Design
- Portal selection process
- Device portal configuration
- ISE CA server and local certificates
Module 6: Cisco ISE Endpoint Compliance Services
- Posture service
- Conditions
- Compliance module
- Flow
- Agents
- Deployment and licensing
- Client provisioning
- Posture general settings
- Client provisioning portal and policy
Module 7: Cisco ISE with AMP and VPN-Based Services
- AAA – external authentication
- Cisco ASA for VPN authentication
- Threat centric NAC
Module 8: Cisco ISE Integrated Solutions with APIs
- Location-based authorization
- pxGrid framework
Module 9: Working with Network Access Devices
- TACACS+
- Device administration
- Configuration
- Guidelines
- Best practices
- Migrating Cisco ACS to ISE
Module 10: Cisco ISE Design (Self-Study)
- ISE planning and Pre-deployment
- ISE sizing and scaling practices
- Deployment best practices
- Web portals best practices
- PSN HA or load sharing
- Deploying monitoring personas
- Network infrastructure preparation
Module 11: Configuring Thrid Party NAD Support (optional/Self-Study/Reference)
- Third-party NAD support configuration
Labs:
- Initial Configuration of Cisco ISE
- Complete Cisco ISE GUI Setup
- Integrate Cisco ISE with Active Directory
- Integrating Cisco ISE with a second Microsoft Active Directory
- Basic Policy Configuration
- Configure Guest Access
- Guest Access Operations
- Guest Reports
- Configuring Profiling
- Customizing the Cisco ISE Profiling Configuration
- ISE Profiling Reports
- BYOD Configuration
- Device Blacklisting
- Compliance
- Configuring Client Provisioning
- Configuring Posture Policies
- Testing and Monitoring Compliance Based Access
- Compliance Policy Testing
- MDM Integration with Cisco ISE
- MDM Access and Configuration
- Client Access with MDM
- Using Cisco ISE for VPN Access
- Configuring Backups and Patching
- Configuring Administrative Access
- Review of General Tools
- Report Operations
Classroom Training
Modality: C
Duration 5 days
Price
- Canada: CAD 5,195
- Cisco Learning Credits: 40 CLC
Online Training
Modality: L
Duration 5 days
Price
- Canada: CAD 5,195
- Cisco Learning Credits: 40 CLC
Click on town name to book Schedule
This is an Instructor-Led Classroom course
Fast Lane will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
This class will become guaranteed to run with one more student registration.
This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
This is a FLEX course, which is delivered both virtually and in the classroom.
*
This class is delivered by a partner.
Canada
| Jun 25-29, 2018 This is a FLEX event | Ottawa, ON 08:00 Canada/Eastern | Enroll | |
| Online Training Time zone: Canada/Eastern | Enroll | ||
| Sep 17-21, 2018 This is a FLEX event | Mississauga, Ontario 09:00 Canada/Eastern | Enroll | |
| Online Training Time zone: Canada/Eastern | Enroll | ||
| Nov 5-9, 2018 | Online Training 08:00 Canada/Pacific | Enroll | |
| Dec 10-14, 2018 This is a FLEX event | Ottawa, ON 08:00 Canada/Eastern | Enroll | |
| Online Training Time zone: Canada/Eastern | Enroll |
United States
Europe
Germany
France
| Jun 18-22, 2018 Guaranteed to Run | Paris | Enroll | |
| Jun 25-29, 2018 | Paris | Enroll | |
| Aug 20-24, 2018 | Paris | Enroll | |
| Sep 24-28, 2018 | Paris | Enroll | |
| Nov 5-9, 2018 | Paris | Enroll | |
| Dec 17-21, 2018 | Paris | Enroll |
Netherlands
| Jun 4-8, 2018 This is a FLEX event Guaranteed to Run | Utrecht Course language: English | Enroll | |
| Online Training Time zone: Europe/Amsterdam | Enroll | ||
| Oct 15-19, 2018 | Utrecht Course language: English | Enroll | |
| Dec 10-14, 2018 | Utrecht Course language: English | Enroll |
Portugal
| Jul 23-27, 2018 | Lisbon | Enroll |
Slovakia
| Dec 10-14, 2018 This is a FLEX event | Bratislava | Enroll | |
| Online Training Time zone: Europe/Bratislava | Enroll |
Sweden
| May 28-Jun 1, 2018 This is a FLEX event | Stockholm Course language: English | Enroll | |
| Online Training Time zone: Europe/Stockholm | Enroll |
Turkey
| Sep 24-28, 2018 This is a FLEX event | Istanbul Course language: English | Enroll | |
| Online Training Time zone: Asia/Istanbul | Enroll |
United Kingdom
| Jun 4-8, 2018 | Online Training Time zone: Europe/London | Enroll | |
| Jul 16-20, 2018 This is a FLEX event | London, City | Enroll | |
| Online Training Time zone: Europe/London | Enroll | ||
| Sep 3-7, 2018 This is a FLEX event | London, City | Enroll | |
| Online Training Time zone: Europe/London | Enroll | ||
| Nov 26-30, 2018 This is a FLEX event | London, City | Enroll | |
| Online Training Time zone: Europe/London | Enroll |
Latin America
Argentina
| Jul 2-6, 2018 This is a FLEX event | Buenos Aires | Enroll | |
| Online Training Time zone: America/Buenos_Aires | Enroll | ||
| Oct 1-5, 2018 | Online Training Time zone: America/Buenos_Aires | Enroll |
Brazil
| Jul 9-13, 2018 | Online Training Time zone: America/Sao_Paulo | Enroll | |
| Oct 1-5, 2018 | Online Training Time zone: America/Sao_Paulo | Enroll |
Costa Rica
| Aug 6-10, 2018 | Online Training Time zone: America/Costa_Rica | Enroll | |
| Nov 5-9, 2018 | Online Training Time zone: America/Costa_Rica | Enroll |
Mexico
| Jun 4-8, 2018 Guaranteed to Run | Online Training Time zone: America/Mexico_City | Enroll |
Asia Pacific
Australia
| Aug 6-10, 2018 This is a FLEX event | Sydney | Enroll | |
| Online Training Time zone: Australia/Sydney | Enroll | ||
| Oct 1-5, 2018 This is a FLEX event | Melbourne | Enroll | |
| Online Training Time zone: Australia/Melbourne | Enroll | ||
| Nov 26-30, 2018 This is a FLEX event | Sydney | Enroll | |
| Online Training Time zone: Australia/Sydney | Enroll |