Menu

US Region

Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
Phone: +1 302 691 94 10

info@grandmetric.com

EMEA Region

GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com

Securing Network Access with Cisco ISE Training

Securing Network Access with Cisco ISE Training

The Cisco ISE Training guides through the practical application of Cisco Idenity Services Engine policy control system in Enterprise environment. Students will learn how to install and configure ISE main functionalities like 8021.X, MAC Authentication Bypass, Guest Access or BYOD process. Course is also focused on troubleshooting network access.

 

Securing Network Access with Cisco ISE training agenda:

1) About the course

  • Course organization
  • Theory and Hands on labs approach
  • 12 main LABS

 

2) Cisco ISE Overview

  • ISE as a part of Cisco TrustSec
  • ISE Architecture: nodes, functions, personas
  • Deployment options
  • Scaling Cisco ISE, resources estimation

 

3) Lab Topology overview

  • Physical and logical topology description

 

4) Cisco ISE bootstrap and installation

  • ISE network and deployment readiness
  • Importance of certificates, NTP, DNS entries
  • Certificate management
  • Adding nodes to ISE deployment
  • Active Directory integration
  • Lab 1: ISE Bootstrap

 

5) Cisco ISE and NAD interaction

  • NAD, client and ISE traffic flow
  • 802.1X concepts (EAP protocols)
  • Cisco Switch configuration as a NAD
  • Cisco WLC configuration as a NAD
  • Cisco ASA configuration as a NAD
  • Testing ISE and NAD connections
  • Lab 2: NAD configuration for WiFi
  • Lab 3: NAD configuration for Wired access

 

6) AAA policies configuration

  • Cisco ISE authentication process (AuthC)
  • Authentication Conditions
  • Authentication Profiles
  • Internal and External Identity Sources
  • Identity Sources Sequences
  • Cisco ISE authorization process (AuthZ)
  • Authorization Conditions
  • Authorization Profiles
  • Lab 4: Authentication components configuration for 802.1x
  • Lab 5: Authorization components configuration for 802.1x
  • Lab 6: Authentication and Authorization for Mac Authentication Bypass (MAB)

 

7) Cisco ISE Guest access

  • Guest access design (PSN behavior, session stickiness, certificates)
  • Guest portal configuration
  • Authentication and Authorization
  • Identity source sequence and authentication options
  • Sponsor Portal
  • Sponsor Authentication Sequence
  • Sponsor role based oprations
  • Lab 7: Guest portal configuration and verification
  • Lab 8: AuthC and AuthZ for Guest Access

 

8) Q&A and course summary

  • Q&A session
  • Course summary
Contact with us

Do not hesitate to ask for more info about this course.

See also

Technology : Security, NG Firewalls

Level : Intermediate

Type : On site, Online

Technology : WAN,VPN

Level : Intermediate

Type : On site, Online

Technology : IP, Routng, Switching, WiFi, Security, Data Center

Level : Entry

Type : On site, Online

Grandmetric