Implementing and Configuring Cisco Identity Services Engine (SISE)

 

Course Overview

Implementing and Configuring Cisco Identity Services Engine v2.1 (SISE) is an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services into a single context-aware identity-based platform. You will learn how to configure and administer many of the services, including authentication, authorization and accounting (AAA), posture, profiling, device on-boarding and guest management. You will also learn the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

A qui s'adresse cette formation

The audience for this course is as follows:

  • Cisco Channel Partner SEs and FEs that are seeking to meet the education requirements to attain ATP authorisation to sell Cisco ISE.
  • Field engineers, network administrators, and consulting systems engineers who implement and maintain the Cisco ISE in enterprise networks.
  • Security architects, design engineers, network designers and others seeking hands-on experience with the Cisco ISE.
  • Integrators who install and implement the Cisco Identity Service Engine

Pré-requis

It is recommended that a learning have the following knowledge and skills before attending this course:

  • CCNA Security certification, completion of Implémentation de la sécurité du réseau IOS Cisco v3.0 (IINS) course or equivalent knowledge
  • Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications
  • Foundation-level wireless knowledge and skills
  • Basic knowledge of Cisco IOS networking and concepts

Objectifs

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe Cisco ISE architecture, installation, and distributed deployment options
  • Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services
  • Deploy Cisco ISE profiling, posture and client provisioning services
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • Configure device administration using TACACS+ in Cisco ISE

Follow On Courses

Contenu

Implementing and Configuring Cisco Identity Services Engine v2.1 (SISE) is an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services into a single context-aware identity-based platform. You will learn how to configure and administer many of the services, including authentication, authorization and accounting (AAA), posture, profiling, device on-boarding and guest management. You will also learn the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

Module 1: Introducing Cisco ISE Architecture and Deployment

  • Security challenges
  • Cisco ISE solutions Use Cases
    • Guest use
    • BYOD
    • Profiling
    • Compliance
    • Security group access
  • Secure Access Control
  • ISE function
  • ISE deployment components
    • Admin node
    • Policy service node
    • Monitoring node
    • pxGrid Services
    • Policy synchronization
    • Deployment options
  • Context visibility
    • Benefits
    • Wizard
    • Streamline wizard

Module 2: Cisco ISE Policy Enforcement

  • IEEE 802.1X primeer
  • MAC authentication bypass
  • 802.1X and MAB
  • Identity sources
  • Multi-AD overview and configuration
  • Lightweight directory access protocol
  • RADIUS
  • SAMLv2
  • Identity source sequence
  • Certification authority services
  • Authentication and authorization process
  • Exception policies and policy sets
  • Global vs local exception processing
  • Third-party NAD support
  • Cisco TrustSec
  • Easy connect
    • Overview
    • Modes and flows
    • Configuration

Module 3: Web Auth & Guest Services

  • Web authentication overview
  • Guest access services overview
  • Guest access settings
  • ISE sponsor components and configuration

Module 4: Cisco ISE Profiler

  • Profiler service and policies
    • Configure
    • Prepare
    • Enable
    • Probe configuration
    • Feed service
    • Settings
    • Profiling parameters
  • NMAP scan action

Module 5: Cisco ISE BYOD

  • Problem and solutions
  • Design
  • Portal selection process
  • Device portal configuration
  • ISE CA server and local certificates

Module 6: Cisco ISE Endpoint Compliance Services

  • Posture service
    • Conditions
    • Compliance module
    • Flow
    • Agents
    • Deployment and licensing
    • Client provisioning
    • Posture general settings
  • Client provisioning portal and policy

Module 7: Cisco ISE with AMP and VPN-Based Services

  • AAA – external authentication
  • Cisco ASA for VPN authentication
  • Threat centric NAC

Module 8: Cisco ISE Integrated Solutions with APIs

  • Location-based authorization
  • pxGrid framework

Module 9: Working with Network Access Devices

  • TACACS+
    • Device administration
    • Configuration
    • Guidelines
    • Best practices
  • Migrating Cisco ACS to ISE

Module 10: Cisco ISE Design (Self-Study)

  • ISE planning and Pre-deployment
  • ISE sizing and scaling practices
  • Deployment best practices
  • Web portals best practices
  • PSN HA or load sharing
  • Deploying monitoring personas
  • Network infrastructure preparation

Module 11: Configuring Thrid Party NAD Support (optional/Self-Study/Reference)

  • Third-party NAD support configuration

Labs:

  • Initial Configuration of Cisco ISE
  • Complete Cisco ISE GUI Setup
  • Integrate Cisco ISE with Active Directory
  • Integrating Cisco ISE with a second Microsoft Active Directory
  • Basic Policy Configuration
  • Configure Guest Access
  • Guest Access Operations
  • Guest Reports
  • Configuring Profiling
  • Customizing the Cisco ISE Profiling Configuration
  • ISE Profiling Reports
  • BYOD Configuration
  • Device Blacklisting
  • Compliance
  • Configuring Client Provisioning
  • Configuring Posture Policies
  • Testing and Monitoring Compliance Based Access
  • Compliance Policy Testing
  • MDM Integration with Cisco ISE
  • MDM Access and Configuration
  • Client Access with MDM
  • Using Cisco ISE for VPN Access
  • Configuring Backups and Patching
  • Configuring Administrative Access
  • Review of General Tools
  • Report Operations
Classroom training

Durée 5 jours

Prix (Hors Taxe)
  • France: 3 870,- €
 
pointer une ville pour s'enregistrer Agenda
France
23.09. - 27.09.2019 Paris
16.12. - 20.12.2019 Paris
27.01. - 31.01.2020 Paris
30.03. - 03.04.2020 Paris
15.06. - 19.06.2020 Paris
FLEX Training

Please see below our alternative, English language, FLEX course option.

16.09. - 20.09.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/Amsterdam
garanti !
21.10. - 25.10.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
garanti !
11.11. - 15.11.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/Bucharest
25.11. - 29.11.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
13.01. - 17.01.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
09.03. - 13.03.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
27.04. - 01.05.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
18.05. - 22.05.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
08.06. - 12.06.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX training schedule.

Europe
Allemagne
09.09. - 13.09.2019 Düsseldorf
23.09. - 27.09.2019 Munich
14.10. - 18.10.2019 Berlin
04.11. - 08.11.2019 Münster
11.11. - 15.11.2019 Francfort
25.11. - 29.11.2019 Hambourg
09.12. - 13.12.2019 Düsseldorf
06.01. - 10.01.2020 Francfort
Autriche
23.09. - 27.09.2019 Wien (iTLS)
03.02. - 07.02.2020 Wien (iTLS)
15.06. - 19.06.2020 Wien (iTLS)
19.10. - 23.10.2020 Wien (iTLS)
Belgique
30.09. - 04.10.2019 Bruxelles Langue: Anglais
04.11. - 08.11.2019 Bruxelles Langue: Anglais
Espagne
23.09. - 27.09.2019 Madrid
Italie
07.10. - 11.10.2019 Rome
25.11. - 29.11.2019 Milan
09.12. - 13.12.2019 Rome
Luxembourg
18.11. - 22.11.2019 Luxemburg
Pays-Bas
16.09. - 20.09.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/Amsterdam
garanti !
02.12. - 06.12.2019 Utrecht Langue: Anglais
Portugal
30.09. - 04.10.2019 Lisbonne
Roumanie
11.11. - 15.11.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/Bucharest
Royaume-Uni
21.10. - 25.10.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
garanti !
25.11. - 29.11.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
13.01. - 17.01.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
09.03. - 13.03.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
27.04. - 01.05.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
18.05. - 22.05.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
08.06. - 12.06.2020 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Europe/London
Suisse
16.09. - 20.09.2019 Zürich
25.11. - 29.11.2019 Zürich
17.02. - 21.02.2020 Zürich
04.05. - 08.05.2020 Zürich
20.07. - 24.07.2020 Zürich
12.10. - 16.10.2020 Zürich
North America
Etats-Unis
16.09. - 20.09.2019 Campbell, CA
16.09. - 20.09.2019 Formation en ligne Fuseau horaire: US/Central Langue: Anglais
16.09. - 20.09.2019 Formation en ligne Fuseau horaire: US/Central Langue: Anglais
16.09. - 20.09.2019 Formation en ligne Fuseau horaire: US/Pacific Langue: Anglais
23.09. - 27.09.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: US/Eastern
14.10. - 18.10.2019 Dallas
04.11. - 08.11.2019 Columbia, MD
04.11. - 08.11.2019 Formation en ligne Fuseau horaire: US/Central Langue: Anglais
Canada
23.09. - 27.09.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Canada/Eastern
04.11. - 08.11.2019 Formation en ligne Fuseau horaire: Canada/Pacific Langue: Anglais
09.12. - 13.12.2019 Formation en ligne Fuseau horaire: Canada/Central Langue: Anglais
Latin America
Argentine
09.09. - 13.09.2019 Formation en ligne Fuseau horaire: America/Buenos_Aires Langue: Español
Brésil
14.10. - 18.10.2019 Formation en ligne Fuseau horaire: America/Sao_Paulo Langue: Portuguais
Mexico
07.10. - 11.10.2019 Formation en ligne Fuseau horaire: America/Mexico_City Langue: Español
Asie Pacifique
Inde
21.10. - 25.10.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Asia/Calcutta
09.12. - 13.12.2019 FLEX training This is an Anglais language FLEX course.
Fuseau horaire: Asia/Calcutta
Moyen-Orient
Emirats-Arabes-Unis
15.09. - 19.09.2019 Dubai Langue: Anglais This course is being delivered by iTLS.
17.11. - 21.11.2019 Dubai Langue: Anglais This course is being delivered by iTLS.
Qatar
15.09. - 19.09.2019 Doha Langue: Anglais
Afrique
Egypte
15.09. - 19.09.2019 Le Caire Langue: Anglais
17.11. - 21.11.2019 Le Caire Langue: Anglais
Fast Lane s’engage à mettre en œuvre les formations garanties quelque soit le nombre de participants, en dehors des cas de force majeurs ou d’événements exceptionnels, comme un accident ou un maladie de l’instructeur.
Formation confirmée sous réserve d'une personne supplémentaire.
Cours en ligne avec instructeur
Formation en mode FLEX™.