Implementing Cisco Identity Services Engine for Wireless Engineers (SWISE)

Detailed Outlines

Course Outlines

Module 1: Introducing Cisco ISE

  • Describe the issues that corporations face in supporting new paradigms of network access and how Cisco ISE can ease these pressures and help resolve these issues
  • Describe the Cisco ISE architecture and components
  • Describe the different Cisco ISE nodes and personas
  • Describe and compare the products that are used to run Cisco ISE
  • Describe the different Cisco ISE deployment options
  • Explain the Cisco ISE licensing options and considerations

Module 2: Provisioning Secure Access

  • Describe authentication services that are available to Cisco ISE
  • Describe the process that Cisco ISE uses to validate credentials from different identity sources
  • Configure authentication identity sources and policies
  • Describe Cisco ISE authorization policies and their components
  • Configure authorization components and policies
  • Define and understand CoA and review common permission elements, including dACLs, named ACLs, VLANs, and SGT
  • Lab 2-1: Basic Authentication and Authorization

Module 3: Configuring Profiling

  • Describe the functions and purpose of profiling on the Cisco ISE platform
  • List the profiler probes and discuss the attributes that are associated with these probes
  • Describe and configure profiler policies
  • Configure profiling on the Cisco ISE platform
  • Verify profiling operation on the Cisco ISE platform
  • List the best practices for configuring profiling on the Cisco ISE platform
  • Lab 3-1: Configuring and Validating Cisco ISE Profiling

Module 4: Providing Guest Access

  • Describe the concept of guest web access
  • Configure the components of a CWA-based guest access solution including redirection for both wired and wireless access
  • Describe guest accounts, roles, and data stores
  • Define the functionality that is provided by the Cisco ISE portals that are used for guest access
  • Configure support for guest reporting
  • Discuss best practices as relates to Cisco ISE guest services
  • Lab 4-1: Configuring Cisco ISE Guest Services

Module 5: Implementing BYOD

  • Define BYOD, explain the advantages of a Cisco BYOD solution, and describe BYOD components
  • Describe common BYOD use cases and explain how they apply to various corporate security policy needs
  • Describe BYOD deployment and configuration options
  • Describe the BYOD flow and on-boarding process when a single SSID is used
  • Implement an authentication policy for BYOD deployments
  • Implement an authorization policy for BYOD deployments
  • Lab 5-1: BYOD On-Boarding using a Single SSID
  • Lab 5-2: Test On-Boarding

Module 6: Exploring MDM Integration

  • Define the MDM integration process in Cisco ISE and add an MDM Server
  • Define MDM supported attributes
  • Examine an MDM configuration

Module 7: Monitoring and Troubleshooting Cisco ISE Security Solutions

  • Use the Cisco ISE dashboard
  • Navigate Cisco ISE alarm and logging features to assist in diagnosing problems
  • Use the Live Authentications log feature of Cisco ISE
  • Use the Global Search and Session Trace features of Cisco ISE
  • Use the TCP Dump feature of Cisco ISE
  • Use the Evaluate Configuration Validator tool
  • Lab 7-1: Monitoring and Troubleshooting Cisco ISE (Optional)

Appendix A: Introducing Posture Assessment

  • Define posturing, describe its major components, and explain the posturing flow
  • Explain typical posture example configurations to describe the configuration process
  • Describe and configure posture system settings
  • Describe posture policy logic and verify policy configuration

Objectives and Pre-requisites

Course Objectives

  • Describe the business drivers, architecture, components, and scalability factors related to typical Cisco ISE deployment
  • Provision secure network access by configuring AAA services and common CoA options.
  • Configure profiling processes, components, options, and best practices.
  • Provision a guest user access solution and the different options that are available.
  • Describe and implement a BYOD solution, with a focus on configuring BYOD using a single SSID.
  • Integrate Cisco ISE with a partner MDM solution.
  • Use Cisco ISE tools to gather useful information related to historical trending and to troubleshoot.

Prerequisites

The knowledge and skills you must have before attending this course are as follows:
  • Preferred Advanced Wireless specialized partner or Gold partner.
  • Knowledge of basic 802.1X (It is recommended that the student take the free 802.1X E-learning on PEC before attending this training.)
  • Basic understanding of Microsoft Active Directory or LDAP.
  • CCNA-level route and switch knowledge.

   
 
Classroom training
Duration: 2 days
Price: US$ ----
CLC: 17

 
Course Schedule:
Egypt, Cairo,  Jan 2015
Dubai,  Feb, 2015
Qatar, Doha, May 2015

 
   PDF
PDF of this course
                                                  
 

 

Module 1: Introducing Cisco ISE
  • Describe the issues that corporations face in supporting new paradigms of network access and how Cisco ISE can ease these pressures and help resolve these issues
  • Describe the Cisco ISE architecture and components
  • Describe the different Cisco ISE nodes and personas
  • Describe and compare the products that are used to run Cisco ISE
  • Describe the different Cisco ISE deployment options
  • Explain the Cisco ISE licensing options and considerations
Module 2: Provisioning Secure Access
  • Describe authentication services that are available to Cisco ISE
  • Describe the process that Cisco ISE uses to validate credentials from different identity sources
  • Configure authentication identity sources and policies
  • Describe Cisco ISE authorization policies and their components
  • Configure authorization components and policies
  • Define and understand CoA and review common permission elements, including dACLs, named ACLs, VLANs, and SGT
  • Lab 2-1: Basic Authentication and Authorization
Module 3: Configuring Profiling
  • Describe the functions and purpose of profiling on the Cisco ISE platform
  • List the profiler probes and discuss the attributes that are associated with these probes
  • Describe and configure profiler policies
  • Configure profiling on the Cisco ISE platform
  • Verify profiling operation on the Cisco ISE platform
  • List the best practices for configuring profiling on the Cisco ISE platform
  • Lab 3-1: Configuring and Validating Cisco ISE Profiling
Module 4: Providing Guest Access
  • Describe the concept of guest web access
  • Configure the components of a CWA-based guest access solution including redirection for both wired and wireless access
  • Describe guest accounts, roles, and data stores
  • Define the functionality that is provided by the Cisco ISE portals that are used for guest access
  • Configure support for guest reporting
  • Discuss best practices as relates to Cisco ISE guest services
  • Lab 4-1: Configuring Cisco ISE Guest Services
Module 5: Implementing BYOD
  • Define BYOD, explain the advantages of a Cisco BYOD solution, and describe BYOD components
  • Describe common BYOD use cases and explain how they apply to various corporate security policy needs
  • Describe BYOD deployment and configuration options
  • Describe the BYOD flow and on-boarding process when a single SSID is used
  • Implement an authentication policy for BYOD deployments
  • Implement an authorization policy for BYOD deployments
  • Lab 5-1: BYOD On-Boarding using a Single SSID
  • Lab 5-2: Test On-Boarding
Module 6: Exploring MDM Integration
  • Define the MDM integration process in Cisco ISE and add an MDM Server
  • Define MDM supported attributes
  • Examine an MDM configuration
Module 7: Monitoring and Troubleshooting Cisco ISE Security Solutions
  • Use the Cisco ISE dashboard
  • Navigate Cisco ISE alarm and logging features to assist in diagnosing problems
  • Use the Live Authentications log feature of Cisco ISE
  • Use the Global Search and Session Trace features of Cisco ISE
  • Use the TCP Dump feature of Cisco ISE
  • Use the Evaluate Configuration Validator tool
  • Lab 7-1: Monitoring and Troubleshooting Cisco ISE (Optional)
Appendix A: Introducing Posture Assessment
  • Define posturing, describe its major components, and explain the posturing flow
  • Explain typical posture example configurations to describe the configuration process
  • Describe and configure posture system settings
  • Describe posture policy logic and verify policy configuration
Implementing Cisco Identity Services Engine for Wireless Engineers (SWISE) - 5.0 out of 5 based on 1 vote

User Rating: 5 / 5

Star activeStar activeStar activeStar activeStar active
 
 Privacy Policy
Terms & Conditions