Privée

Ce cours est disponible en session privée ou personnalisée. Il peut être offert à l’un de nos centres de formation ou directement à vos bureaux. Appelez l’un de nos conseillers ou faites une demande de soumission en ligne.

Appelez maintenant au 1 877 624.2344

  • Durée: 5 jours
  • Prix régulier: Sur demande

CISCO - Implementing and Configuring Cisco Identity Services Engine (SISE) v2.1

Reference : © CISCO SISE v2.1

Duration : 5 days

This course discusses the Cisco Identity Services Engine (ISE), an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE

Learning credits 42
LanguagesThese scheduled public sessions are offered in English or in French (FR). The educational material is in English.

Audience

  • Consulting systems engineers
  • Technical solutions architects
  • Integrators who install and implement the Cisco ISE version 2.1
  • End users (Cisco customers) desiring the knowledge to install, configure, and deploy Cisco ISE 2.1
  • Cisco channel partners and field engineers who need to meet the educational requirements to attain Authorized Technology Partner (ATP) authorization to sell and support the ISE product

Prerequisites

It is recommended that a learning have the following knowledge and skills before attending this course:
  • CCNA Security certification
  • Foundation-level network knowledge and skills necessary to install, configure, operate, and troubleshoot network devices and applications
  • Foundation-level wireless knowledge and skills
  • Basic knowledge of Cisco IOS networking and concepts

Objectives

Upon completion of this course, you will be able to:
  • Describe Cisco ISE architecture, installation, and distributed deployment options
  • Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services
  • Deploy Cisco ISE profiling, posture and client provisioning services
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • Configure device administration using TACACS+ in Cisco ISE.

Contents

Module 1 - Introducing Cisco ISE Architecture and Deployment
  • Using Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Deployment Models
Module 2- Cisco ISE Policy Enforcement
  • 802.1X and MAB Access: Wired and Wireless
  • Identity Management
  • Configure Certificate Services
  • Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Implementing Third-Party Network Access Device Support
  • Cisco TrustSec
  • EasyConnect
Module 3 - Web Auth and Guest Services
  • Web Access with Cisco ISE
  • ISE Guest Access Components
  • Configuring Guest Access Settings
  • Configuring Portals: Sponsors and Guests
Module 4 - Cisco ISE Profiler
  • Cisco ISE Profiler
  • Configuring Cisco ISE Profiling
Module 5 - Cisco ISE BYOD
  • Cisco ISE BYOD Process
  • BYOD Flow
  • Configuring My Devices Portal Settings
  • Configuring Certificates in BYOD Scenarios
Module 6 - Cisco ISE Endpoint Compliance Services
  • Endpoint Compliance
  • Configuring Client Posture Services and Provisioning in Cisco ISE
Module 7 - Cisco ISE with AMP and VPN-Based Services
  • VPN Access Using Cisco ISE
  • Configuring Cisco AMP for ISE
Module 8 - Cisco ISE Integrated Solutions with APIs
  • Location-Based Authorization
  • Cisco ISE 2.x pxGrid
Module 9 - Working with Network Access Devices
  • Configuring TACACS+ for Cisco ISE Device Administration
Module 10 - Cisco ISE Design
  • Designing and Deployment Best Practices
  • Performing Cisco ISE Installation and Configuration Best Practices
  • Deploying Failover and High-Availability
Module 11 - Configuring Third-Party NAD Support
Labs :
  • Lab 1: ISE Familiarization and Certificate Usage
  • Lab 2: Active Directory and Identity Source Sequences
  • Lab 3: Conversion to Policy Sets
  • Lab 4: Access Policy for EasyConnect
  • Lab 5: 802.1X-Wired Networks – PEAP
  • Lab 6: 802.1X-Wired Networks - EAP-FAST
  • Lab 7: 802.1X-Wireless Networks
  • Lab 8: 802.1X-MAC Authentication Bypass (MAB)
  • Lab 9: Centralized Web Authentication (CWA)
  • Lab 10: Guest Access and Reports
  • Lab 11: Endpoint Profiling and Reports
  • Lab 12: BYOD and My Device Portal
  • Lab 13: Posture Compliance and Reports
  • Lab 14: Compliance Based VPN Access
  • Lab 15: Threat Centric NAC using AMP and ANC
  • Lab 16: pxGrid and WSA Integration
  • Lab 17: TACACS+ Device Administration
  • Lab 18: TrustSec Security Group Access
  • Lab 19: ISE Distributed Deployment
  • Lab 20: MDM Integration

Savoir s’entourer des meilleurs

Simon Bourassa
Simon Bourassa
Formateur et conseiller en TI
Simon est passionné par le développement logiciel et le développement de produits, mais avant tout par l’ensemble des gens cachés derrière ces codes, qui travaillent main dans la main pour développer des solutions innovantes.
Pierre-Edouard Brondel
Pierre-Edouard Brondel
Formateur et conseiller en bureautique
Expert en pédagogie dans le domaine des technologies et de la bureautique cumulant plus de 25 ans d’expérience, Pierre-Édouard est d’abord et avant tout un passionné de capital humain.
Valère Drainville
Valère Drainville
Formateur et conseiller en efficacité professionnelle
Expert en collaboration et en efficacité professionnelle, Valère Drainville saura vous accompagner dans l’adoption et la gestion de vos outils de travail collaboratifs.
Frédéric Paradis
Formateur certifié et architecte en solutions infonuagiques
Formateur certifié Microsoft, Frédéric se décrit comme un magicien de l’infonuagique, cet espace mythique entre technologie et réalité.