SISE (update) 4.0

Szkolenie Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 uczy wdrażania i korzystania z Cisco® Identity Services Engine (ISE) v3.x, platformy polityki tożsamości i kontroli dostępu, która upraszcza dostarczanie spójnej, wysoce bezpiecznej kontroli dostępu w połączeniach przewodowych, bezprzewodowych i VPN. Ten praktyczny kurs zapewnia wiedzę i umiejętności w zakresie wdrażania i stosowania możliwości Cisco ISE w celu obsługi przypadków użycia dla postawy bezpieczeństwa Zero Trust. Te przypadki użycia obejmują zadania, takie jak egzekwowanie zasad, usługi profilowania, uwierzytelnianie internetowe i usługi dostępu dla gości, BYOD, usługi zgodności punktów końcowych i administrowanie urządzeniami serwera kontroli dostępu kontrolera dostępu terminala (TACACS+). Dzięki praktycznym ćwiczeniom laboratoryjnym dowiesz się, jak korzystać z Cisco ISE, aby uzyskać wgląd w to, co dzieje się w sieci, usprawnić zarządzanie zasadami bezpieczeństwa i przyczynić się do wydajności operacyjnej. 

Kurs pomaga przygotować się do egzaminu Implementing and Configuring Cisco Identity Services Engine (300-715 SISE), który prowadzi do uzyskania certyfikatów CCNP® Security i Cisco Certified Specialist – Security Identity Management Implementation. Kurs ten pozwala również uzyskać 40 punktów Continuing Education (CE) w ramach recertyfikacji. 

How You’ll Benefit

This class will help you use Cisco ISE to:

• Develop and implement SASE architecture
• Understand application of ISE capabilities towards development of a Zero Trust approach
• Enable BYOD and guest access
• Centrally configure and manage posture, authentication, and authorization services in a single webbased GUI console
• Gain leading-edge career skills for high-demand job roles and responsibilities focused on enterprise security
• Earn 40 CE credits toward recertification

 
Who Should Enroll

• Network security engineers
• Network security architects
• ISE administrators
• Senior Security Operations Center (SOC) personnel responsible for Incidence Response
• Cisco integrators and partners

Course Objectives

After taking this course, you should be able to:

• Describe the Cisco Identity Services Engine (ISE)
• Explain Cisco ISE deployment
• Describe Cisco ISE policy enforcement components
• Describe Cisco ISE policy configuration
• Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
• Configure guest access
• Configure hotspots and guest portals
• Describe the Cisco ISE profiler services
• Describe profiling best practices and reporting
• Configure a Cisco ISE BYOD solution
• Configure endpoint compliance
• Configure client posture services
• Configure Cisco ISE device administration
• Describe Cisco ISE TrustSec configurations

Course Prerequisites

To fully benefit from this course, you should have the following knowledge:

• Familiarity with the Cisco IOS^® Software Command-Line Interface (CLI) for wired and wireless devices
• Familiarity with Cisco AnyConnect^® Secure Mobility Client
• Familiarity with Microsoft Windows operating systems
• Familiarity with 802.1X

Recommended Cisco offerings that may help you meet these prerequisites:

• Cisco CCNP Security Certification training

 Course Outline

• Introducing Cisco ISE Architecture
• Introducing Cisco ISE Deployment
• Introducing Cisco ISE Policy Enforcement Components
• Introducing Cisco ISE Policy Configuration
• Troubleshooting Cisco ISE Policy and Third-Party NAD Support
• Introducing Web Authentication and Guest Services
• Configuring Hotspots and Guest Portals
• Introducing the Cisco ISE Profiler
• Introducing Profiling Best Practices and Reporting
• Configuring Cisco ISE BYOD
• Introducing Cisco ISE Endpoint Compliance Services
• Configuring Client Posture Services and Compliance
• Working With Network Access Devices
• Exploring Cisco TrustSec

 Lab Outline

• Configure Initial Cisco ISE Setup and System Certificate Usage
• Integrate Cisco ISE with Active Directory
• Configure Cisco ISE Policy for MAC Authentication Bypass (MAB)
• Configure Cisco ISE Policy for 802.1X
• Configure Guest Access
• Configure Hotspot and Self-Registered Guest Access
• Configure Sponsor-Approved and Fully Sponsored Guest Access
• Create Guest Reports
• Configure Profiling
• Customize the Cisco ISE Profiling Configuration
• Create Cisco ISE Profiling Reports
• Configure BYOD
• Manage a Lost or Stolen BYOD Device
• Configure Cisco ISE Compliance Services
• Configure Client Provisioning
• Configure Posture Policies
• Test and Monitor Compliance-Based Access
• Configure Cisco ISE for Basic Device Administration
• Configure Cisco ISE Command Authorization
• Configure Cisco TrustSec