SISE - Implementing and Configuring Cisco Identity Services Engine v1.3 Eğitimi

Ön Kayıt ve Fiyat Bilgi Formu




Tarih ve lokasyonlar


Bu eğitimi özel sınıf olarak kendi kurumunuzda talep edebilirsiniz.
Lütfen bizimle iletişime geçin:


info@bilginc.com

+90 212 282 7700

Talep Formu

SISE - Implementing and Configuring Cisco Identity Services Engine v1.3

Learn to install, configure, and deploy ISE with enhanced labs written for ISE version 1.4.

In this course, you will learn about the Cisco Identity Services Engine (ISE)-a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA) using 802.1x, MAB, web authentication, posture, profiling, device on-boarding, guest services, and VPN access into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

This course is an intensive hands-on experience. With enhanced hands-on labs, you will cover the Cisco ISE version 1.4 (labs). You will learn how to perform a fundamental installation of ISE and how to configure identity-based networks using 802.1X for both wired and wireless clients, using Windows 8 and Apple iPad endpoints. You will also learn to use many of the new features, including AnyConnect 4.1 Posture Module for LAN and VPN posture compliance, EAP-FAST, PEAP, BYOD, and EAP Chaining. You'll also see how the new Virtual Wireless Controller (vWLC) works to integrate with ISE along with advanced features within ISE.

 

What You'll Learn

  • ISE deployment options including node types, personas, and licensing
  • Install certificates into ISE using a Windows 2012 Certificate Authority (CA)
  • Configure a distributed deployment
  • Configure AAA clients and network device groups
  • Configure local and remote identity store and use of identity source sequences
  • 802.1X for wired and wireless networks using the latest dot1x commands on a catalyst switch and version 7.6 of the vWLC
  • Configure authorization and authentication policies to allow MAC Authentication Bypass (MAB) endpoints
  • Use central web authentication (CWA) for redirection of legitimate domain users who need to register devices on the network using MAC addresses (device registration)
  • Configure hotspot guest access, self-registration guest access, and sponsored guest access
  • Configure profiler services in ISE and use newer probes available in IOS switch code 15.x as well as vWLC 7.6 code.
  • Profiling feeds, logical profiles, and building profiling conditions to match network endpoints
  • Configure posture assessments using the Cisco the new Cisco AnyConnect Secure Mobility 4.1 posture module
  • Integrate Cisco ISE with MobileIron for Mobile Device Management MDM
  • Maintenance, best practices, and logging

 

Who Needs to Attend

 

  • Consulting systems engineers
  • Technical solutions architects
  • Integrators who install and implement the Cisco ISE version 1.3
  • End users (Cisco customers) desiring the knowledge to install, configure, and deploy Cisco ISE 1.3
  • Cisco channel partners and field engineers who need to meet the educational requirements to attain Authorized Technology Partner (ATP) authorization to sell and support the ISE product

 

Prerequisites

  • CCNA Security or equivalent level of experience with Cisco devices
  • CCNA or equivalent level of experience configuring Cisco routers and switches
  • Foundation-level wireless knowledge and skills Familiarity with Microsoft Windows and Microsoft Active Directory
  • Familiarity with 802.1X

Follow-On Courses

There are no follow-ons for this course.

 

Course Outline

1. Introducing the Cisco Secure Access Solution and ISE Platform Architecture

  • The Cisco Secure Access Solution
  • Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Policy Security Mechanisms
  • Cisco TrustSec
  • Installing Cisco ISE
  • Cisco ISE GUI Orientation

2. Cisco ISE Policy Enforcement

  • 802.1X and MAB Access-Wired and Wireless
  • Identity Management
  • Cisco ISE Policy Overview
  • Cisco ISE Policy Sets

3. Web Authentication

  • Web Access with Cisco ISE
  • WebAuth Configuration

4. Cisco ISE Guest Services

  • Cisco ISE Guest Access Components
  • Guest Access Settings
  • Sponsors and Sponsor Portals
  • Cisco ISE Guest Portal Overview
  • Cisco ISE Guest Operations and Reports

5. Cisco ISE Profiler

  • Introduction to Profiling
  • Profiling Configuration on Cisco ISE

6. Cisco ISE BYOD and MDM

  • Cisco ISE BYOD Process Overview
  • BYOD Portal Selection
  • My Devices Portal Settings
  • Certificates in BYOD Scenarios
  • MDM and ISE

7. Cisco ISE Endpoint Compliance Services

  • Endpoint Compliance-Posture Service Overview
  • Client Provisioning in Cisco ISE
  • Mobile Client Provisioning in Cisco ISE
  • Configuring Cisco ISE for Posture Compliance

8. Cisco ISE for VPN-Based Services

  • VPN Access Overview
  • Configuring Cisco ASA v9.2+ for VPN Access
  • Using Inline Posture Node for NADs without CoA Support

9. Cisco TrustSec

  • SGA Overview
  • SXP and SGACLs Overview
  • SGFW Enforcement

10. Cisco ISE Design

  • Node Capabilities
  • Failover and High Availability

11. Cisco ISE Best Practices

  • Best Practices

 

Labs

Lab 1: Cisco ISE Installation and Web Console Familiarization

Lab 2: Install a Certificate in ISE

Lab 3: Configure an ISE Distributed Deployment

Lab 4: Local and Remote Identity Stores using Active Directory and Sequence Lists

Lab 5: 802.1X: Examining and Configuring Supplicants

Lab 6: 802.1X: Wired Networks

Lab 7: 802.1X: MAR and EAP Chaining

Lab 8: 802.1X: Wireless Networks

Lab 9: 802.1X: MAC Authentication Bypass (MAB)

Lab 10: Central Web Auth (CWA) for Wired and Wi-Fi

Lab 11: Policy Sets

Lab 12: Guest Access

Lab 13: Profiling Services

Lab 14: BYOD

Lab 15: Compliance checking using the AnyConnect Unified Agent

Lab 16: MDM Integration

Lab 17: VPN Integration

 



Eğitim içeriğini PDF olarak indir