Training

World class technical courses and technology sessions

 

Securing Network Access with Cisco ISE

This course guides through the practical application of Cisco Idenity Services Engine policy control system in Enterprise environment. Students will learn how to install and configure ISE main functionalities like 8021.X, MAC Authentication Bypass, Guest Access or BYOD process. Course is also focused on troubleshooting network access.

 

Securing Network Access with Cisco ISE training agenda:

1) About the course

  • Course organization
  • Theory and Hands on labs approach
  • 12 main LABS

 

2) Cisco ISE Overview

  • ISE as a part of Cisco TrustSec
  • ISE Architecture: nodes, functions, personas
  • Deployment options
  • Scaling Cisco ISE, resources estimation

 

3) Lab Topology overview

  • Physical and logical topology description

 

4) Cisco ISE bootstrap and installation

  • ISE network and deployment readiness
  • Importance of certificates, NTP, DNS entries
  • Certificate management
  • Adding nodes to ISE deployment
  • Active Directory integration
  • Lab 1: ISE Bootstrap

 

5) Cisco ISE and NAD interaction

  • NAD, client and ISE traffic flow
  • 802.1X concepts (EAP protocols)
  • Cisco Switch configuration as a NAD
  • Cisco WLC configuration as a NAD
  • Cisco ASA configuration as a NAD
  • Testing ISE and NAD connections
  • Lab 2: NAD configuration for WiFi
  • Lab 3: NAD configuration for Wired access

 

6) AAA policies configuration

  • Cisco ISE authentication process (AuthC)
  • Authentication Conditions
  • Authentication Profiles
  • Internal and External Identity Sources
  • Identity Sources Sequences
  • Cisco ISE authorization process (AuthZ)
  • Authorization Conditions
  • Authorization Profiles
  • Lab 4: Authentication components configuration for 802.1x
  • Lab 5: Authorization components configuration for 802.1x
  • Lab 6: Authentication and Authorization for Mac Authentication Bypass (MAB)

 

7) Cisco ISE Guest access

  • Guest access design (PSN behavior, session stickiness, certificates)
  • Guest portal configuration
  • Authentication and Authorization
  • Identity source sequence and authentication options
  • Sponsor Portal
  • Sponsor Authentication Sequence
  • Sponsor role based oprations
  • Lab 7: Guest portal configuration and verification
  • Lab 8: AuthC and AuthZ for Guest Access

 

8) Q&A and course summary

  • Q&A session
  • Course summary
Contact with us

Do not hesitate to ask for more info about this course.

See also

Technology: Security,Firewall

Level: Intermediate

Type: On site, Online

Technology: WAN,VPN

Level: Intermediate

Type: On site, Online

Technology: IP, Routng, Switching, WiFi, Security

Level: Entry

Type: On site, Online

 

Newsletter