Discover Classes. Earn 10% Rewards.

SISE v4.0 - Implementing and Configuring Cisco® Identity Services Engine

Discover the intricacies of Cisco Identity Services Engine (ISE) with hands-on training. Learn to enforce security posture compliance for wired and wireless endpoints, configure network access devices, and integrate policy components seamlessly. Ideal for ISE administrators, wireless engineers, and security solutions architects seeking advanced proficiency in Cisco ISE v4.0.

  • Intermediate
  • Small class sizes
  • 18 and older
  • $4,295
  • Earn 10% Rewards
  • Price Lock
  • Online Classroom
  • 40 hours over 5 sessions

Express Checkout – $4,295


Proceed to Checkout

No Booking Fees. Lowest Price Guaranteed. Earn 10% Rewards.

Give as a Gift

Start Dates (2)

  • $4,295/person
  • 40 hours over 5 sessions
10 left
Book
Show all 5 sessions
  • Mon, Sep 16 at 10:00am - 6:00pm
  • Tue, Sep 17 at 10:00am - 6:00pm
  • Wed, Sep 18 at 10:00am - 6:00pm
  • Thu, Sep 19 at 10:00am - 6:00pm
  • Fri, Sep 20 at 10:00am - 6:00pm
10 left
Book
Show all 5 sessions
  • Mon, Dec 02 at 10:00am - 6:00pm
  • Tue, Dec 03 at 10:00am - 6:00pm
  • Wed, Dec 04 at 10:00am - 6:00pm
  • Thu, Dec 05 at 10:00am - 6:00pm
  • Fri, Dec 06 at 10:00am - 6:00pm
Showing 12 of 2

Class Description

Description

What you'll learn in this unified contact center training:

This course discusses the Cisco Identity Services Engine (ISE), an identity and access control policy platform that provides a single policy plane across the entire organization,combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

To participate in the hands-on labs in this class, you need to bring a laptop
computer with the following:
Windows 7 or 8.1 or 10 is recommended. Mac OSX 10.6 or greater is supported as well.
Intel Celeron or better processors are preferred.
1 GB or more of RAM
Browser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine's capabilities.
If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client.
If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.

Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptopPC and/or a compatible iPad or Android tablet. The recommended system requirements and instructions to access the course kit content can be found at the following link: Digital Course Kit Requirements and Instructions
Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.

Objective:
Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe Cisco ISE architecture, installation, and distributed deployment options.
  • Configure Network Access Devices (NADs), policy components, and basic
  • authentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services.
  • Deploy Cisco ISE profiling, posture and client provisioning services.
  • Describe administration, monitoring, troubleshooting, and TrustSec SGA security.
  • Configure device administration using TACACS+ in Cisco ISE

Prerequisites:
The learner is expected to have the following skills and knowledge before attending this
course:
  • Familiarity with Cisco IOS CLI
  • Familiarity with Cisco ASA
  • Familiarity with Cisco VPN clients
  • Familiarity with MicroSoft Windows Operating Systems
  • Familiarity with 802.1X

Who Should Attend:
The audience for this course is as follows:
  • ISE Administrators/Engineers
  • Wireless Administrators/Engineers
  • Consulting Systems Engineers
  • Technical/Wireless/BYOD/Security Solutions Architects
  • ATP partner systems and field engineers
  • Systems integrators who install and implement the Cisco Identity Service Engine version 2.1
Course Outline

Module 1: Introducing Cisco ISE Architecture and Deployment

Lesson 1: Using Cisco ISE as a Network Access Policy Engine
  • Cisco Identity Services Overview
  • Cisco Identity Solution Benefits
  • The Attack Continuum
  • Controlling Access to the Network
  • Security Challenges for IT Organizations
  • Centralized Policy Management
  • Cisco Identity Solution Guest Use Case
  • Cisco Identity Solution BYOD Use Case
  • Cisco Identity Solution Profiling Use Case
  • Cisco Identity Solution Compliance Use Case
  • Cisco Identity Solution Security Group Access Use Case
  • Introducing the Components of a Cisco ISE Deployment
  • Secure Access Control
  • Describing Cisco ISE Functions
  • Summary
Lesson 2: Introducing Cisco ISE Deployment Models
  • Introducing the Components of an ISE Deployment
  • Cisco ISE Nodes and Personas
  • Implementing Nodes, Personas, and Roles
  • Admin Node
  • Policy Service Node
  • Monitoring Node
  • pxGrid Services
  • Collector Agent
  • Policy Synchronization
  • Deployment Options
  • Cisco ISE Communication Model
  • Introducing Context Visibility
  • Context Visibility Benefits
  • Context Visibility Wizard
  • Streamline Visibility Wizard
  • Summary
  • Lab 1: Configure Initial Cisco ISE setup, GUI Familiarization, system certificate usage
  • Task 1: Verify Cisco ISE setup using CLI
  • Task 2: Initial GUI login and Familiarization
  • Task 3: Disable Profiling
  • Task 4: Certificate enrollment
Module 2: Cisco ISE Policy Enforcement

Lesson 1: Introducing 802.1X and MAB
  • Access: Wired and Wireless
  • IEEE 802.1X Primer
  • MAC Authentication Bypass
  • Overview: Configure 802.1X and MAB
  • Summary
  • Lab 2: Integrate Cisco ISE with Active Directory
  • Task 1: Configure Active Directory Integration
  • Task 2: Configure LDAP Integration
Lesson 2: Introducing Identity Management
  • Identity Sources Overview
  • Internal Identity Sources
  • External Identity Sources
  • Multi-AD Overview and Configuration
  • Lightweight Directory Access Protocol
  • RADIUS
  • SAMLv2
  • Identity Source Sequence
  • Summary
Lesson 3: Configuring Certificate Services
  • Certificate Overview and Implementation
  • Certification Authority Services
  • Summary
Lesson 4: Introducing Cisco ISE Policy
  • Authentication and Authorization Process
  • Dictionaries, Identity Sources, and ISSs
  • Authentication and Its Components
  • Authorization and Its Components
  • Exception Policies and Policy Sets
  • Sessions in Cisco ISE
  • Summary
Lab 3: Configure Basic Policy on Cisco ISE
  • Task 1: Policy Configuration for AD Employees and AD Contractors
  • Task 2: Client Access – Wired
  • Task 3: Client Access – Wireless
  • Task 4: Network visibility with Context Visibility
Lesson 5: Configuring Cisco ISE Policy Sets
  • Cisco ISE Policy Sets Overview
  • Global versus Local Exception Processing
  • Lab 4: Configure Conversion to Policy Sets
  • Task 1: Convert to Policy Set
  • Task 2: Create Wired and Wireless Policy Sets
  • Task 3: Creating a Global Exception
  • Task 4: Testing Client Access Using Policy Sets
Lesson 6: Implementing Third-Party Network Access Device Support
  • Third-Party NAD Support: Features and Workflows
  • Summary
Lesson 7: Introducing Cisco TrustSec
  • Introducing Cisco TrustSec
  • Lesson 8: Introducing EasyConnect
  • Easy Connect Overview
  • EasyConnect Modes and Flows
  • EasyConnect Configuration
  • Summary
  • Lab 5: Configure Access Policy for Easy Connect
  • Task 1: Configure Cisco ISE to Support Easy Connect
  • Task 2: Create Easy Connect Policy Sets
  • Task 3: Test the Easy Connect Connection

Module 3: Web Auth and Guest Services

Lesson 1: Introducing Web Access with
Cisco ISE Web Authentication Overview
ISE Web Authentication Configuration Overview
Web Authentication Verification Overview
Summary

  • Lab 6: Configure Guest Access
  • Task 1: Configure Guest Settings.
  • Task 2: Configure Guest Locations.
  • Lesson 2: Introducing ISE Guest Access Components
  • Guest Access Services Overview
  • Summary

Lesson 3: Configuring Guest Access Settings
Review Guest Access Settings
Guest Types Overview
Summary

  • Lab 7: Configure Guest Access Operations
  • Task 1: Configure Cisco ISE guest access with a hotspot portal.
  • Task 2: Configure Cisco ISE guest access for guest self-registration.
  • (Optional)
  • Task 3: Enable self-registration with sponsor approval.
  • Task 4: Create the accounts as a sponsor (Optional).
  • Task 5: Perform guest account management via the sponsor portal.

Lesson 4: Configuring Portals: Sponsors and Guests
  • Cisco ISE Sponsor Components and Configuration
  • Lab 8: Create Guest Reports
  • Task 1: Running Reports from Cisco ISE Dashboard
Module 4: Cisco ISE Profiler

Lesson 1: Introducing Cisco ISE Profiler
  • Introduction to the Profiler Service
  • Cisco ISE Probes
  • Profiling Policies
  • Summary
Lesson 2: Configuring Cisco ISE Profiling
  • Configure Profiling on Cisco ISE Overview
  • Prepare for Profiling
  • Enable the Profiling Service
  • Profiling Probe Configuration
  • Configuring the Profiler Feed Service
  • Profiling Settings
  • Define Profiling Parameters
  • Configure Profile Policies and Logical Profiles
  • NMAP Scan Actions
  • Go Live and Monitor
  • Summary
  • Lab 9: Configure Profiling
  • Task 1: Configuring Profiling in Cisco ISE
  • Task 2: Configure the Feed Service
  • Task 3: Configuring Profiling in Cisco ISE
  • Task 4: NAD Configuration for Profiling

  • Lab 10: Customize the Cisco ISE Profiling Configuration
  • Task 1: Examine Endpoint Data
  • Task 2: Create a Logical Profile
  • Task 3: Creating a New Authorization Policy Using a Logical Profile
  • Task 4: Create a Custom Profile Policy
  • Task 5: Testing Authorization Policies with Profiling Data
Lab 11: Create Cisco ISE Profiling Reports
  • Task 1: Run Cisco ISE Profiler Feed Reports
  • Task 2: Endpoint Profile Changes Report
  • Task 3: Context Visibility Dashlet Reports
Module 5: Cisco ISE BYOD

Lesson 1: Introducing the Cisco ISE BYOD Process
  • BYOD Problem and Solutions
  • BYOD Design
Lesson 2: Describing BYOD Flow
  • Summary
Lesson 3: Configuring My Devices Portal Settings
  • My Devices Portal Configuration
  • My Devices Portal End-User Experience
Lesson 4: Configuring Certificates in BYOD Scenarios
  • Local ISE CA Server and Local Certificates
  • Cisco ISE Certificates Set Up Walk-through
  • Lab 12: Configure BYOD
  • Task 1: Portal Provisioning
  • Task 2: Provisioning Configuration
  • Task 3: Configuring Policy
  • Task 4: Employee iPad Registration
  • Lab 13: Blacklisting a Device
  • Task 1: Blacklisting a Device
  • Task 2: Lost Access Verification.
  • Task 3: Endpoint Record Observations
  • Task 4: UnBlacklist the Device
  • Task 5: Verify Access Capability
  • Task 6: Blacklisting a Stolen Device
Module 6: Cisco ISE Endpoint Compliance Services

Lesson 1: Introducing Endpoint Compliance
  • Endpoint Compliance
  • Posture Service
  • Posture Conditions
  • Compliance Module
  • Posture Flow
  • Cisco ISE Posture Agents
  • Posture Operational Modes
  • Posture Service Deployment and Licensing
  • Summary
  • Lab 14: Configure Compliance Services on Cisco ISE
  • Task 1: Posture Preparation
  • Task 2: Authorization Profiles
  • Task 3: Adjusting Authorization Policy for Compliance

  • Lesson 2: Configuring Client Posture Services and Provisioning in Cisco ISE
  • Client Provisioning
  • Posture Configuration Procedure
  • Prepare
  • Client Provisioning Resources
  • Posture General Settings
  • Posture Policy
  • Client Provisioning Portal
  • Client Provisioning Policy
  • Additional Configuration Tasks
  • Summary
  • Lab 15: Configure Client Provisioning
  • Task 1: Client Updates
  • Task 2: Client Resources
  • Task 3: Client Provisioning Policies
  • Lab 16: Configure Posture Policies
  • Task 1: Configure Posture Conditions
  • Task 2: Configuring Posture Remediation
  • Task 3: Configuring Posture Requirements
  • Task 4: Configuring Posture Policies
  • Lab 17: Test and Monitor Compliance Based Access
  • Task 1: AnyConnect Unified Agent Access
  • Task 2: Web Agent Access (Optional)
  • Lab 18: Test Compliance Policy
  • Task 1: Configure a Faulty Policy
  • Task 2: Use Posture Reports for Troubleshooting
  • Task 3: Using the Posture Troubleshooter
  • Task 4: Policy Correction and Testing
Module 7: Cisco ISE with AMP and VPN-Based Services

Lesson 1: Introducing VPN Access Using Cisco ISE
  • AAA – External Authentication
  • Using Cisco ASA for VPN Authentication
  • VPN Access Configuration Overview
  • Summary
  • Lab 19: Configure Cisco ISE for VPN Access
  • Task 1: Preparing the Lab
  • Task 2: Testing VPN Client Access
Lesson 2: Configuring Cisco AMP for ISE
  • Threat Centric NAC Overview
  • Threat Centric NAC Configuration
  • Summary
  • Lab 20: Configure Threat-Centric NAC using Cisco AMP
  • Task 1: Configuring the Cisco AMP Cloud
  • Task 2: Configuring Posture Policies and Conditions
  • Task 3: Configuring Posture, AMP and AnyConnect Profiles
  • Task 4: Enabling and Provisioning TC-NAC Services
  • Task 5: Verify Provisioning of AMP for Endpoints (Optional)
Module 8: Cisco ISE Integrated Solutions with APIs

  • Lesson 1: Introducing Location-Based Authorization
  • Introducing Location-Based Authorization
Lesson 2: Introducing Cisco ISE 2.x pxGrid
  • pxGrid Framework
  • pxGrid on Cisco ISE
  • Setting Up the Topic
  • Use Case: pxGrid for Rapid Threat Detection
  • Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration
  • Task 1: Configuring Cisco ISE System Certificates for REST and pxGrid
  • Task 2: Preparing the Cisco WSA
  • Task 3: Configuring Security Groups, Authorization Policy, and Enabling
  • pxGrid on ISE
  • Task 4: Enabling pxGrid on WSA
  • Task 5: WSA Identity and Access Policies (Optional)
  • Task 6: Testing Corporate PC (Optional)
Module 9: Working with Network Access Devices

Lesson 1: Configuring TACACS+ for Cisco ISE Device Administration
  • Review TACACS+
  • Cisco ISE TACACS+ Device Administration
  • Configure TACACS Device Administration
  • TACACS Device Administration Guidelines and Best Practices
  • Migrating from Cisco ACS to Cisco ISE
  • Summary
  • Lab 22: Configure Cisco ISE for Basic Device Administration
  • Task 1: Policy Configuration for AD Employees and AD Contractors
  • Lab 23: Configure TACACS+ Command Authorization
  • Task 1: Configure Command Sets
  • Task 2: TACACS+ Features

Module 10: Cisco ISE Design (Self-Study)

Lesson 1: Designing and Deployment Best Practices
  • Cisco ISE Planning and Pre-deployment
  • Cisco ISE Sizing and Scaling Practices

Lesson 2: Performing Cisco ISE Installation and Configuration Best Practices
  • Cisco ISE Deployment Best Practices
  • ISE Certificates Best Practices
  • ISE Profiling Best Practices
  • Web Portals Best Practices
  • Logging and Troubleshooting Best Practices

Lesson 3: Deploying Failover and High-Availability
  • PSN HA or Load Sharing
  • Deploying Monitoring Personas
  • Preparing the Network Infrastructure

Module 11: Configuring Third Party NAD Support (Optional/Self-Study/Reference)

Lesson 1: Configuring Third-Party NAD Support (Optional, Self-Study, or Reference)
  • Configuring Third-Party NAD Support
  • Summary

Remote Learning

This course is available for "remote" learning and will be available to anyone with access to an internet device with a microphone (this includes most models of computers, tablets). Classes will take place with a "Live" instructor at the date/times listed below.

Upon registration, the instructor will send along additional information about how to log-on and participate in the class.

Refund Policy

Cancellation / Reschedule by Student

Because we must schedule rooms, ship course materials, assign instructors and provision computer resources well in advance, it is important students alert us ASAP with any cancel/reschedule requests.

Please note the following policies:

  • If requested 16 or more calendar days before the class
    • Cancellation requests made in this timeframe are eligible for refund less 5% cancellation fee.
    • Reschedule requests made in this timeframe will be accommodated if availability exists and will be processed at no additional charge.
  • If requested 15 calendar days or less before the class
    • Cancellation or Reschedule requests made by the student 15 calendar days or less before the class starts will be charged 100% the course fee and are not entitled to a refund.

Substitutions

  • If you are unable to attend your class, a substitute who meets the course prerequisites may attend in your place at no additional charge for the original class title, date and location. If you cannot find a substitute, you will be subject to the class cancellation policy.

Make-up Policy

Students are permitted one (1) Make-Up opportunity to attend an instructor-led class that was paid for but not previously attended for no additional charge.

  • Make-Up class registrations are subject to availability and are not entitled to refund.
  • Students may not reschedule a Make-up class registration.
  • Any no shows or cancellations forfeit their one Make-up opportunity.

Additionally, ONLC reserves the right to retire courses due to lack of demand. Retired classes are not available for Make-Up.

In the event that an instructor or the school needs to cancel at the last minute, students will receive a refund less a 5% non-refundable registration fee.

In any event where a customer wants to cancel their enrollment and is eligible for a full refund, a 5% processing fee will be deducted from the refund amount.

Reviews of Classes at ONLC Training Centers (7)

Benefits of Booking Through CourseHorse

  • Booking is safe. When you book with us your details are protected by a secure connection.
  • Lowest price guaranteed. Classes on CourseHorse are never marked up.
  • This class will earn you 42950 points. Earn 10% back in reward points!

Questions & Answers (0)

Get quick answers from CourseHorse and past students.

ONLC Training Centers

ONLC Training Centers was founded in 1983 when Jim Palic and Andy Williamson left their positions as mainframe programmers with the Dupont Company to start one of the industry's first computer training companies.

Over thirty years and still growing, ONLC Training Centers is one of the the largest privately...

Read more about ONLC Training Centers

CourseHorse Approved

This school has been carefully vetted by CourseHorse and is a verified Online educator.

ONLC Training Centers

Give This Course as a Gift Card

  • Thousands of classes
  • No expiration
  • Unique and memorable gifts for any occasion
  • Personalized
  • Explore a passion, gain a new skill, discover a new hobby, engage in a memorable experience
  • Instant delivery
  • Lock in a price with the Inflation Buster Gift Card Price Adjuster™

Buy a Gift Card

Book this Class as a Group Event

Booking this class for a group? Find great private group events

Or see all Professional Group Events

Explore group events and team building activities ranging from cooking, art, escape rooms, trivia, and more.

  • Price Lock Guarantee

    Secure your booking now and we'll match any price drop within 48 hours across all booking platforms, ensuring you never miss out on savings!

  • Earn 10% Reward Points

    Maximize your savings with every purchase. Unlock rewards on every transaction, ensuring you get the most value out of your experience!

  • No Added Fees

    Enjoy hassle-free transactions without worrying about additional charges. With us, what you see is what you pay - no surprises!

  • Curated Courses

    Discover a curated selection of courses handpicked by experts in the field. Dive into quality content that suits your learning needs and interests!

CourseHorse Gift Cards

  • Creative & unique gift for any occasion
  • Thousands of classes & experiences
  • No expiration date
  • Instant e-delivery (or choose a date)
  • Add a personalized message
  • Lock in a price with the Inflation Buster Gift Card Price Adjuster™
Buy a Gift Card
gift card with the CourseHorse logo gift card with the CourseHorse logo
Loading...