SISAS - Implementing Cisco Secure Access Solutions

COURSE OUTLINE:

Description

This course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience for deploying the Cisco Identity Services Engine (ISE) and 802.1X secure network access. You will acquire the foundational knowledge and capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution. You will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using the Cisco ISE appliance feature and provide operational support identity and network access control.

Audience

Network security engineers

Prerequisites

  • Cisco Certified Network Associate (CCNA�) certification
  • Cisco Certified Network Associate (CCNA�) Security certification
  • Knowledge of Microsoft Windows operating system

Learning Objectives

  • Cisco ISE architecture and access control capabilities
  • 802.1X architecture, implementation, and operation
  • Commonly implemented Extensible Authentication Protocols (EAPs)
  • Implement public key infrastructure (PKI) with ISE
  • Implement internal and external authentication databases
  • Implement MAC Authentication Bypass (MAB)
  • Implement identity based authorization policies
  • Cisco TrustSec features
  • Implement web authentication and guest access
  • Implement ISE Posture service
  • Implement ISE Profiling
  • Bring Your Own Device (BYOD) as it relates to ISE
  • Troubleshoot ISE

1. Threat Mitigation through Identity Services

  • Identity Services
  • 802.1X and EAP
  • Configure 802.1X Components

2. ISE Fundamentals

  • Describe Cisco ISE Features and configure the fundamentals
  • Cisco ISE with PKI
  • Cisco ISE Authentication
  • Cisco ISE with External Authentication

3. Advance Access Control

  • Certificate Based User Authentication
  • Authorization
  • Cisco TrustSec

4. Web Authentication and Guest Access

  • Web Authentication
  • Guest Access Services

5. Endpoint

  • Posture
  • Profiler
  • BYOD

6. Troubleshooting Network Access Control

  • Troubleshooting ISE