SISE: Implementing and Configuring Cisco Identity Services Engine

The Implementing and Configuring Cisco Identity Services Engine (SISE) v4.0 course teaches you to deploy and use Cisco® Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections.

This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and Terminal Access Controller Access Control Server (TACACS+) device administration. Through hands-on practice via lab exercises, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency.

This course helps you prepare to take the Implementing and Configuring Cisco Identity Services Engine (300-715 SISE) exam, which leads to CCNP® Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications.

This course also earns you 40 Continuing Education (CE) credits toward recertification!

Audience:

This training is aimed at individuals involved in the deployment and maintenance of a Cisco Identity Services Engine solution.

Typical roles are Network security engineers, ISE administrators, Senior Security Operations Center (SOC) personnel responsible for Incidence Response, Cisco integrators and partners.

Prerequisites:

To fully benefit from this course, you should have the following knowledge: 

  • Familiarity with the Cisco IOS® Software Command-Line Interface (CLI) for wired and wireless devices
  • Familiarity with Cisco AnyConnect® Secure Mobility Client
  • Familiarity with Microsoft Windows operating systems
  • Familiarity with 802.1x

Course objectives

This class will help you use SISE to:

  • Develop and Implement SASE architecture
  • Understand application of ISE capabilities towards development of a Zero Trust Approach
  • Enable BYOD and guest access
  • Centrally configure and manage posture, authentication and authorisation services in a single web-based GUI console
  • Gain eading-edge career skills for high-demand job roles and responsibilities focused on enterprise security

After taking this course, you should be able to:

  • Explain Cisco ISE deployment
  • Describe Cisco ISE policy enforcement components
  • Describe Cisco ISE policy configuration
  • Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
  • Configure guest access
  • Configure hotspots and guest portals
  • Describe the Cisco ISE profiler services
  • Describe profiling best practices and reporting
  • Configure a Cisco ISE BYOD solution
  • Configure endpoint compliance
  • Configure client posture services
  • Configure Cisco ISE device administration
  • Describe Cisco ISE TrustSec configurations

Course content

Modules:

Introducing Cisco ISE Architecture
Introducing Cisco ISE Deployment
Introducing Cisco ISE Policy Enforcement Components
Introducing Cisco ISE Policy Configuration
Troubleshooting Cisco ISE Policy and Third-Party NAD Support
Introducing Web Authentication and Guest Services
Configuring Hotspots and Guest Portals
Introducing the Cisco ISE Profiler
Introducing Profiling Best Practices and Reporting
Configuring Cisco ISE BYOD
Introducing Cisco ISE Endpoint Compliance Services
Configuring Client Posture Services and Compliance
Working With Network Access Devices
Exploring Cisco TrustSec

Labs:

Lab 1A: Installation and Basic Setup of Cisco ISE
Lab 1B: Verify Initial Cisco ISE Setup and System Certificate Usage
Lab 2: Integrate Cisco ISE with Active Directory
Lab 3: Configure Cisco ISE Policy for MAB
Lab 4: Configure Cisco ISE Policy for 802.1X
Lab 5: Configure Guest Access
Lab 6: Configure Hotspot and Self-Registered Guest Access
Lab 7: Configure Sponsor-Approved and Fully Sponsored Guest Access
Lab 8: Create Guest Reports
Lab 9: Configure Profiling
Lab 10: Customize the Cisco ISE Profiling Configuration
Lab 11: Create Cisco ISE Profiling Reports
Lab 12: Configure BYOD
Lab 13: Manage a Lost or Stolen BYOD Device
Lab 14: Configure Cisco ISE Compliance Services
Lab 15: Configure Client Provisioning
Lab 16: Configure Posture Policies
Lab 17: Test and Monitor Compliance-Based Access
Lab 18: Configure Cisco ISE for Basic Device Administration
Lab 19: Configure Cisco ISE Command Authorization
Lab 20: Configure Cisco TrustSec

Certification

This course helps you prepare to take exam 300-715 SISE: Implementing and Configuring Cisco Identity Services Engine.

After you pass exam 300-715 SISE:

  • You will have satisfied the concentration exam requirement for the CCNP Security certification. To complete CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.