CI-SISE

Ladda ner som PDF

Implementing and Configuring the Cisco Identity Services Engine

The Implementing and Configuring the Cisco Identity Services Engine course provides security and system engineers and administrators an intensive hands-on experience in setting up, deploying and managing the Cisco Identity Services Engine (ISE) to support authentication, authorization, accounting and policy-based networking for devices and users. Students will walk through a complete install, configure the network and devices, and use ISE as a policy engine to protect the network. Hands-on labs include:

  • Installing the Cisco ISE
  • Certificate Operations
  • Cisco ISE Node Deployment
  • Configure and Add Network Access Devices to Cisco ISE
  • Implementing ISE to support BYOD
  • Configuring Multiple Cisco ISE Policies
  • Configuring Cisco ISE Guest Services
  • Guest Services Self-Registration
  • Configuring Cisco ISE for Profiling
  • Configuring Cisco ISE for Posture Assessment
  • Cisco ISE Reporting
  • Working with Cisco ISE Monitoring and Troubleshooting

ISE ATP Update: The ISE 1.0 Exam (Implementing Cisco Identity Services Engine Secure Solutions Exam, #650-473) will be retired on June 24th, 2013. The new exam (Implementing and Configuring Cisco Identity Service Engine, #500-254) is now available, and maps to the current class. NOte that the new exam is "proctored", and must be taken at a Pearson VUE Exam Center.

Audience

The primary audience for this course is as follows:

  • Cisco Channel Partner SEs and FEs that are seeking to meet the education requirements to attain ATP authorization to sell Cisco ISE.
  • Field engineers, network administrators, and consulting systems engineers who implement and maintain the Cisco ISE in enterprise networks.
  • Security architects, design engineers, network designers and others seeking hands-on experience with the Cisco ISE.

The secondary audience for this course is as follows:

Security architects, design engineers, and others seeking hands-on experience with Cisco ISE.

Prior knowledge

The knowledge that a learner should have before attending this course is as follows:

  • CCNA or equivalent level of experience with Cisco infrastructures. The Course Interconnecting Cisco Network Devices Part 2 (ICND2) provides the prerequisite knowledge
  • CCNA Security or equivalent level of experience with Cisco infrastructures. The course Implementing Cisco IOS Network Security (IINS) provides the prerequisite knowledge
  • Familiarity with Microsoft Windows and Microsoft Active Directory
  • Familiarity with 802.1X. The course !CI-802.1X provides the prerequisite knowledge

Courseware

Course material in English

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe Cisco ISE architecture, installation, and distributed deployment options.
  • Configure Network Access Devices, Policy Components and Basic Authentication and Authorization Policies in Cisco ISE.
  • Implement Cisco ISE web authentication and guest services.
  • Deploy Cisco ISE profiling and posture service.
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security.

Detailed Course Outline

Module 1: Cisco ISE Product Overview

Lesson 1: Introducing the Cisco ISE

  • Overview of Cisco TrustSec
  • Overview of Cisco ISE
  • Cisco ISE Architecture
  • Cisco ISE Deployment Options

Lesson 2: Getting Started with Cisco ISE

  • Installing Cisco ISE
  • Network Time Protocol
  • Cisco ISE Certificates
  • Monitoring Basics
  • Configuring and Verifying Cisco ISE Distributed Deployment
  • Lab 1-1: Installing the Cisco ISE
  • Lab 1-2: Certificate Operations
  • Lab 1-3: Cisco ISE Node Deployment

Module 2: Cisco ISE Authentication and Authorization

Lesson 1: Configuring Basic Access

  • NAD Overview
  • IEEE 802.1X Primer
  • Cisco Switch Configuration
  • Cisco WLC Configuration
  • Cisco ASA Appliance Configuration
  • Cisco ISE Authentication Process
  • Internal Databases
  • Simple Authentication
  • Rule-Based Authentication
  • Sessions in Cisco ISE

Lesson 2: Understanding External... Läs mer

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe Cisco ISE architecture, installation, and distributed deployment options.
  • Configure Network Access Devices, Policy Components and Basic Authentication and Authorization Policies in Cisco ISE.
  • Implement Cisco ISE web authentication and guest services.
  • Deploy Cisco ISE profiling and posture service.
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security.

Detailed Course Outline

Module 1: Cisco ISE Product Overview

Lesson 1: Introducing the Cisco ISE

  • Overview of Cisco TrustSec
  • Overview of Cisco ISE
  • Cisco ISE Architecture
  • Cisco ISE Deployment Options

Lesson 2: Getting Started with Cisco ISE

  • Installing Cisco ISE
  • Network Time Protocol
  • Cisco ISE Certificates
  • Monitoring Basics
  • Configuring and Verifying Cisco ISE Distributed Deployment
  • Lab 1-1: Installing the Cisco ISE
  • Lab 1-2: Certificate Operations
  • Lab 1-3: Cisco ISE Node Deployment

Module 2: Cisco ISE Authentication and Authorization

Lesson 1: Configuring Basic Access

  • NAD Overview
  • IEEE 802.1X Primer
  • Cisco Switch Configuration
  • Cisco WLC Configuration
  • Cisco ASA Appliance Configuration
  • Cisco ISE Authentication Process
  • Internal Databases
  • Simple Authentication
  • Rule-Based Authentication
  • Sessions in Cisco ISE

Lesson 2: Understanding External Authentication

  • External Authentication Process
  • Active Directory
  • Active Directory
  • Lightweight Directory Access Protocol
  • RADIUS
  • Certificates
  • Identity Source Sequencing
  • Authentication Support and Performance
  • Lab 2-1: Configure and Add Network Access Devices to Cisco ISE
  • Lab 2-2: Configure External Identity Sources

Lesson 3: Using Cisco ISE Dictionaries

  • Overview of Cisco ISE Dictionaries
  • Read-Only Dictionaries
  • Administrable Dictionaries
  • Lab 2-3: Examine Cisco ISE Dictionaries

Lesson 4: Configuring Authorization

  • Authorization Policies and Components
  • Authorization Policy Configuration
  • Exception Policies
  • Lab 2-4: Basic Cisco ISE Policies
  • Lab 2-5: Configuring Multiple Cisco ISE Policies

Module 3: Web Authentication and User Access Management

Lesson 1: Implementing Web Authentication

  • Web Authentication Overview
  • Configuring ISE Web Authentication
  • Verifying Web Authentication

Lesson 2: Implementing Guest Services

  • Guest Service Overview
  • Preparing the Deployment
  • Configuring Sponsor Portal
  • Configuring Guest Portal
  • Creating Guest Accounts
  • Verifying Guest Accounts
  • Lab 3-1: Configuring Cisco ISE Guest Services
  • Lab 3-2: Guest Services Self-Registration

Module 4: Cisco ISE Profiler, Posture, and Endpoint Protection Services

Lesson 1: Implementing Cisco ISE Profiler Service

  • Profiler Service Overview
  • Configuring Profiling on Cisco ISE
  • Verifying Profiling
  • Lab 4-1: Configuring Cisco ISE for Profiling

Lesson 2: Implementing Cisco ISE Posture Service

  • Posture Service Overview
  • Configuring Cisco ISE for Client Provisioning
  • Adapting the Authorization Policy for Posture Compliance
  • Configuring the Posture System Settings
  • Configuring the Posture Policy
  • Verifying the Posture Service
  • Lab 4-2: Configuring Cisco ISE for Posture Assessment

Lesson 3: Implementing Cisco ISE Endpoint Protection Services

  • EPS Overview
  • Configuring EPS
  • Monitoring EPS
  • Lab 4-3: Endpoint Protections Services

Lesson 4: Implementing BYOD

  • BYOD Overview
  • Designing BYOD
  • Dual SSID BYOD Design
  • Device Onboarding User Experience
  • Lab 4-4: BYOD

Module 5: Reports, Monitoring, Troubleshooting, and Security

Lesson 1: Implementing Inline Posture and TrustSec Security

  • Inline Posture
  • Security Group Access
  • MAC Security

Lesson 2: Describing the Cisco ISE Architecture

  • Cisco ISE Deployment Types
  • Deploying Monitoring Personas
  • Preparing the Network Infrastructure

Lesson 3: Performing Cisco ISE Administration and Maintenance

  • Role-Based Access Control
  • Cisco ISE Licensing
  • Backing Up and Restoring the System Configuration

Lesson 4: Using Cisco ISE Reporting, Monitoring, and Troubleshooting

  • Cisco ISE Dashboard Monitoring
  • Implementing Logging
  • Managing Alarms
  • Cisco ISE Reports
  • Troubleshooting the Network
  • Backing Up and Restoring the Monitoring Database
  • Lab 5-1: Logging Setup
  • Lab 5-2: Cisco ISE Reporting
  • Lab 5-3: Working with Cisco ISE Monitoring and Troubleshooting
  • Lab 5-4: Patching Cisco ISE
  • Lab A-1: GUI Orientation
  • Lab A-2: Admin Access

Utbildningen levereras i samarbete med

Kurs-ID: CI-SISE
Längd: 5 dagar
Pris exkl moms: 29 500 kr

Frågor om kursen?

Har du frågor om kursens innehåll, leveransdatum/ort eller behöver en företagsanpassad variant? Fyll i formuläret nedan!


Kan betalas med:
TRAINING CARD

Avtalsrabatter och kampanjer kan ej nyttjas på denna kurs.


Ort och datum

Stockholm
12 dec-16 dec
Boka nu!