Course Description
Description
Implementing Cisco Secure Access Solutions (SISAS) v1.0 is a newly created five-day instructor-led training (ILT) course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Ciscos Identity Services Engine and 802.1X secure network access.
The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution.
The student will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Ciscos ISE appliance feature and provide operational support identity and network access control.
Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptop computer, the recommended system requirements and instructions to access the course kit content can be found at the following link:Digital Course Kit Requirements and Instructions
Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.
If you have any questions or issues with meeting the requirements listed above, please contact us at rlt@skyline-ats.com and provide the class name to which you are attending and we will be more than happy to help.
Objectives
Upon completing this course, you will be able to:
- Understand Cisco Identity Services Engine architecture and access control capabilities
- Understand 802.1X architecture, implementation and operation
- Understand commonly implemented Extensible Authentication Protocols (EAP)
- Implement Public-Key Infrastructure with ISE
- Understand the implement Internal and External authentication databases
- Implement MAC Authentication Bypass
- Implement identity based authorization policies
- Understand Cisco TrustSec features
- Implement Web Authentication and Guest Access
- Implement ISE Posture service
- Implement ISE Profiling
- Understand Bring Your Own Device (BYOD) with ISE
- Troubleshoot ISE
Prerequisites
The knowledge and skills that a learner must have before attending this course are as follows:
- Cisco Certified Network Associate (CCNA) certification
- Cisco Certified Network Associate (CCNA) Security certification
- Knowledge of Microsoft Windows operating system
Who Should Attend
The primary audience for this course is as follows:
- Network Security Engineers
Outline
Module 1: Threat Mitigation Through Identity Services
Lesson 1: Identity Services
Lesson 2: 802.1X and EAP
Lesson 3: Identity System Quick Start
Lesson 4: Module Summary
Module 2: Cisco Identity Services Engine (ISE) FundamentalsLesson 1: Cisco ISE Overview
Lesson 2: Cisco ISE with PKI
Lesson 3: Cisco ISE Authentication
Lesson 4: Configuring Cisco ISE for External Authentication
Lesson 5: Module Summary
Module 3: Advanced Access ControlLesson 1: Certificate-based User Authentication
Lesson 2: Authorization
Lesson 3: Security Group Access (SGA) and MACsec Implementation
Lesson 4: Module Summary
Module 4: Web Authentication and Guest AccessLesson 1: Describe the Cisco Email Security Solutions
Lesson 2: Guest Access Services
Lesson 3: Summary
Module 5: Endpoint Access Control EnhancementsLesson 1: Posture
Lesson 2: Profiler
Lesson 3: BYOD
Lesson 4: Summary
Module 6: Troubleshooting Network Access ControlLesson 1: Troubleshooting Network Access Control
Lesson 2: Summary
Lab Outline
Lab 1-1: Bootstrap Identity System
Lab 2-1: Enroll Cisco ISE in PKI
Lab 2-2: Implement MAB and Internal Authentication
Lab 2-3: Implement External Authentication
Lab 3-1: Implement EAP-TLS
Lab 3-2: Implement Authorization
Lab 4-1: Implement Central WebAuth and Guest Services
Lab 5-1: Implement Posture Service
Lab 5-2: Implement the Profile Service
Lab 6-1: Troubleshooting Network Access Control