US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10

EMEA Region

ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43


Grandmetric LTD
Office 584b
182-184 High Street North
E6 2JA
+44 20 3321 5276

  • en
  • pl
  • Workshop: Cisco ISE & Enterprise BGP

    Workshop: Cisco ISE & Enterprise BGP

    Date: 21.07.2017


    Cisco ISE Internet Edge Bgp Bootcamp

    Technology combined training.

    We are announcing the Cisco ISE & Internet Edge 4 Days accelerated workshop. This is one-time training & the only one in the market. This is combined training for those who want to improve Cisco ISE troubleshooting and configuration skills as well as get familiar with BGP routing for Enterprise WAN & Internet Edge. While it might seem that we are mixing the security & RS areas, we receive many requests from industry regarding combined technology training. Why they ask about such apporach? Many enterprise network administrators face the wide scope of technology in everyday work covering Routing, Siwtching, LAN Security, VPN, WAN, Internet Edge thus spending 4 – 5 Days of training on only one product or technology area could be not affordable in terms of time and bugdet. Providing accelareated Cisco ISE & Enterprise BGP we cover many necessary aspects of Infrastructure access and BGP routing subjects.

    What you will learn and lab during these 4 intensive days?


    • ISE as a part of Cisco TrustSec
    • ISE Architecture: nodes, functions, personas
    • Deployment options
    • Scaling Cisco ISE, resources estimation
    • NAD, client and ISE traffic flow
    • 802.1X concepts (EAP protocols)
    • Cisco Switch configuration as a NAD
    • Cisco WLC configuration as a NAD
    • Cisco ASA configuration as a NAD
    • Testing ISE and NAD connections
    • Cisco ISE authentication process (AuthC)
    • Authentication Conditions
    • Authentication Profiles
    • Internal and External Identity Sources
    • Identity Sources Sequences
    • Cisco ISE authorization process (AuthZ)
    • Authorization Conditions
    • Authorization Profiles
    • Guest access design (PSN behavior, session stickiness, certificates)
    • Guest portal configuration
    • Authentication and Authorization
    • Identity source sequence and authentication options
    • Sponsor Portal
    • Sponsor Authentication Sequence
    • Sponsor role based operations
    • Configuring profiling service
    • Verify profiling
    • Dual and Single SSID provisioning
    • On-boarding behavior setup
    • Certificate profiles preparation
    • Onboarding verification


    BGP Overview

    • BGP protocol
    • Applications – Service Provider, Enterprise environments
    • Architecture – Autonomous System, BGP Policy Engines
    • iBGP and eBGP comparison and behavior, timers
    • Control Plane and Forwarding Plane
    • The BGP RIP, IP RIB, FIB roles
    • BGP Attributes
    • Path decision process
    • BGP session establishment and capabilities (MP-BGP)

    Lab Topology overview

    • Physical and logical topology description

    Basic topology setup 

    • LAB1: Sites addressing, interfaces setup
    • LAB2: BGP basic configuration and session establishment
    • LAB3: Prefix exchange, IP RIB, BGP RIB, FIB
    • LAB4: BGP Attributes review, Next Hop verification

    Policy control techniques

    • Policy control usage – Filter lists
    • Prefix lists
    • LAB 5: Prefix list configuration
    • AS_PATH lists
    • LAB 6: AS_PATH list configuration
    • Community lists
    • LAB 7: AS_PATH list configuration
    • Route Maps
    • LAB 8: Route Maps configuration
    • Policy Lists
    • LAB 9: Policy lists configuration
    • BGP filtering process order
    • LAB 10: Scenario 1 – basic outbound and inbound filtering task

    BGP – IGP interaction

    • Need for IGP and BGP exchange
    • Redistribute and network commands behavior
    • LAB 11: Configuring basic OSPF and route redistribution between processes

    BGP in Enterprise Internet Edge

    • Internet connectivity in Enterprise, why BGP?
    • Default or Full Feed, memory estimation
    • Multihoming
    • Stub Multihoming single and multiple Border Routers
    • Standard Multihoming
    • LAB 12: Multihomed network setup
    • Inbound filtering best practice
    • Outbound filtering best practice
    • LAB 13: Filtering in Multihomed Network
    • Load Balancing
    • LAB 14: Load Balancing configuration
    • eBGP Multihop solution
    • LAB 15: Multhihop session configuration
    • Securing BGP sessions
    • LAB 16: Session security session configuration
    • LAB 17: BGP on the edge troubleshooting and task solving

    Who will lead the  Cisco ISE training?

    Training will be conducted by Marcin Biały , passionate instructor, engineer and architect who has over 12 large scale and several smaller projects implementations of Cisco ISE from (1.1 to 2.2) and used to work with biggest service providers and enterprise customers building BGP based architectures. Marcin helps organisations of various sizes to harden, transform and build scalable efficient enterprise networks.


    Marcin Bialy

    Marcin Biały is Network and Security Architect with over 14 years of experience, with Service Provider and Enterprise networking background. He used to work for large service providers, global vendors and integration services companies as Network Architect, Leading Architect and Techincal Solution Manager positions. He designed, implemented and supported dozens large scale projects and infrastructure migrations, solved hundreds of tickets and spent hours with CLI and GUI of many flavors. Marcin is also holding industry recognizable certificates such as CCNP, CCNA, CCSI #35269, FCNSP #7207, FCNSA and more.

    2 September 2022 at 00:24

    I will love to attend this training and will be glad if I can get any information that will allow me to join this training.

    Marcin Bialy
    27 January 2023 at 08:52

    Please contact us at


    Leave a Reply

    Your email address will not be published. Required fields are marked *