Who should attend
- Network Security Engineers
- Administrators
Prerequisites
There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
- Familiarity with the Cisco IOS® Software Command-Line Interface (CLI) for wired and wireless devices
- Familiarity with Cisco Secure Client
- Familiarity with Microsoft Windows operating systems
- Familiarity with 802.1X
These skills can be found in the following Cisco Learning Offering:
Course Objectives
- Describe the Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture
- Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages
- Describe concepts and configure components related authentication, identity management, and certificate services
- Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization
- Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect
- Configure web authentication and guest services, including guest access components and various guest access scenarios
- Describe and configure Cisco ISE profiling services
- Understand how to monitor these services to enhance endpoint security and ensure secure edge
- Describe BYOD challenges, solutions, processes, and portals
- Configure a BYOD solution and describe the relationship between BYOD processes and their related configuration components
- Describe and configure various certificates related to a BYOD solution
- Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE
- Describe the fundamentals of Identity and Access Management (IAM) by leveraging TACACS+
- Configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets
- Understand the role of TACACS+ within the Authentication, Authorization, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols
Detailed Course Outline
- Introducing Cisco ISE Architecture
- Introducing Cisco ISE Deployment
- Introducing Cisco ISE Policy Enforcement Components
- Introducing Cisco ISE Policy Configuration
- Troubleshooting Cisco ISE Policy and Third-Party NAD Support
- Exploring Cisco TrustSec
- Introducing Web Authentication and Guest Services
- Configuring Hotspots and Guest Portals
- Configuring Cisco ISE BYOD
- Working with Network Access Devices
- Introducing the Cisco ISE Profiler
- Introducing Profiling Best Practices and Reporting
- Introducing Cisco ISE Endpoint Compliance Services
- Configuring Client Posture Services and Compliance