SISE - Implementing and Configuring Cisco Identity Services Engine v4.1

The Implementing and Configuring Cisco Identity Services Engine (SISE) course teaches you to deploy and use Cisco Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and virtual private network (VPN) connections. This hands-on training provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, Bring Your Own Device (BYOD), endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency.

This training prepares you for 300-715 SISE v1.1 exam. If passed, you earn the Cisco Certified Specialist Security Identity Management Implementation certification and satisfy the concentration exam requirement for the Cisco Certified Network Professional (CCNP) Security certification. This training also earns you 40 Continuing Education (CE) credits toward recertification.

Section 1: Introducing Cisco ISE Architecture

• Cisco ISE as a Network Access Policy Engine
• Cisco ISE Use Cases
• Cisco ISE Core Functions

Section 2: Introducing Cisco ISE Deployment

• Cisco ISE Deployment Models
• Cisco ISE Licensing and Network Requirements
• Cisco ISE Context Visibility F
• New Features in Cisco ISE 3.X

Section 3: Introducing Cisco ISE Policy Enforcement Components

• 802.1X for Wired and Wireless Access
• MAC Authentication Bypass for Wired and Wireless Access
• Identity Management
• Active Directory Identity Source
• Additional Identity Sources
• Certificate Services

Section 4: Introducing Cisco ISE Policy Configuration

• Cisco ISE Policy
• Cisco ISE Authentication Rules
• Cisco ISE Authorization Rules

Section 5: Troubleshooting Cisco ISE Policy and Third-Party NAD Support

• Cisco ISE Third-Party Network Access Device Support
• Troubleshooting Cisco ISE Policy Configuration

Section 6: Exploring Cisco TrustSec

• Cisco TrustSec Overview
• Cisco TrustSec Enhancements
• Cisco TrustSec Configuration

Section 7: Introducing Web Authentication and Guest Services

• Web Access with Cisco ISE
• Guest Access Components
• Guest Access Settings

Section 8: Configuring Hotspots and Guest Portals

• Sponsor and Guest Portals Configuration

Section 9: Configuring Cisco ISE BYOD

• Cisco ISE BYOD Solution Overview
• Cisco ISE BYOD Flow
• My Devices Portal Configuration
• Using Cisco ISE as a lightweight PKI

Section 10: Working with Network Access Devices

• Reviewing AAA
• Cisco ISE TACACS+ Device Administration
• Configuring TACACS+ Device Administration
• TACACS+ Device Administration Guidelines and Best Practices
• Migration from Cisco ACS to Cisco ISE

Section 11: Introducing the Cisco ISE Profiler

• ISE Profiler Overview
• Cisco ISE Probes
• Profiling Policy

Section 12: Introducing Profiling Best Practices and Reporting

• Profiling Best Practices

Section 13: Introducing Cisco ISE Endpoint Compliance Services

• Endpoint Compliance Services Overview

Section 14: Configuring Client Posture Services and Compliance

• Client Posture Services and Provisioning Configuration

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

• Familiarity with the Cisco IOS Software Command-Line Interface (CLI) for wired and wireless devices
• Familiarity with Cisco Secure Client
• Familiarity with Microsoft Windows operating systems
• Familiarity with 802.1X

These skills can be found in the following Cisco Learning Offering:

• Network Security Engineers
• Administrators