This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP® Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications.
Course description:
The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco® Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture.
These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency.
This course also earns you 40 Continuing Education (CE) credits toward recertification!
Course objectives:
This class will help you use SISE to:
• Develop and Implement SASE architecture
• Understand application of ISE capabilities towards development of a Zero Trust Approach
• Enable BYOD and guest access
• Centrally configure and manage posture, authentication and authorisation services in a single web-based GUI console
• Gain eading-edge career skills for high-demand job roles and responsibilities focused on enterprise security
After taking this course, you should be able to:
• Explain Cisco ISE deployment
• Describe Cisco ISE policy enforcement components
• Describe Cisco ISE policy configuration
• Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
• Configure guest access
• Configure hotspots and guest portals
• Describe the Cisco ISE profiler services
• Describe profiling best practices and reporting
• Configure a Cisco ISE BYOD solution
• Configure endpoint compliance
• Configure client posture services
• Configure Cisco ISE device administration
• Describe Cisco ISE TrustSec configurations
Course content:
• Introducing Cisco ISE Architecture
• Introducing Cisco ISE Deployment
• Introducing Cisco ISE Policy Enforcement Components
• Introducing Cisco ISE Policy Configuration
• Troubleshooting Cisco ISE Policy and Third-Party NAD Support
• Introducing Web Authentication and Guest Services
• Configuring Hotspots and Guest Portals
• Introducing the Cisco ISE Profiler
• Introducing Profiling Best Practices and Reporting
• Configuring Cisco ISE BYOD
• Introducing Cisco ISE Endpoint Compliance Services
• Configuring Client Posture Services and Compliance
• Working With Network Access Devices
• Exploring Cisco TrustSec
Labs:
• Lab 1A: Installation and Basic Setup of Cisco ISE
• Lab 1B: Verify Initial Cisco ISE Setup and System Certificate Usage
• Lab 2: Integrate Cisco ISE with Active Directory
• Lab 3: Configure Cisco ISE Policy for MAB
• Lab 4: Configure Cisco ISE Policy for 802.1X
• Lab 5: Configure Guest Access
• Lab 6: Configure Hotspot and Self-Registered Guest Access
• Lab 7: Configure Sponsor-Approved and Fully Sponsored Guest Access
• Lab 8: Create Guest Reports
• Lab 9: Configure Profiling
• Lab 10: Customize the Cisco ISE Profiling Configuration
• Lab 11: Create Cisco ISE Profiling Reports
• Lab 12: Configure BYOD
• Lab 13: Manage a Lost or Stolen BYOD Device
• Lab 14: Configure Cisco ISE Compliance Services
• Lab 15: Configure Client Provisioning
• Lab 16: Configure Posture Policies
• Lab 17: Test and Monitor Compliance-Based Access
• Lab 18: Configure Cisco ISE for Basic Device Administration
• Lab 19: Configure Cisco ISE Command Authorization
• Lab 20: Configure Cisco TrustSec
Target audience:
This training is aimed at individuals involved in the deployment and maintenance of a Cisco Identity Services Engine solution. Typical roles are Network security engineers, ISE administrators, Senior Security Operations Center (SOC) personnel responsible for Incidence Response, Cisco integrators and partners.
Prerequisites:
To fully benefit from this course, you should have the following knowledge:
• Familiarity with the Cisco IOS® Software Command-Line Interface (CLI) for wired and wireless devices
• Familiarity with Cisco AnyConnect® Secure Mobility Client
• Familiarity with Microsoft Windows operating systems
• Familiarity with 802.1x
Language:
• English course material, english speaking instructor
Certification:
This course helps you prepare to take exam 300-715 SISE: Implementing and Configuring Cisco Identity Services Engine.
After you pass exam 300-715 SISE:
• You will have satisfied the concentration exam requirement for the CCNP Security certification. To complete CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.