Course Details

Previous Page


Implementing Cisco Security Access Solutions (SISAS) 1.0 Expert Encore


Overview/Description
Target Audience
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Implementing Cisco Secure Access Solutions (SISAS) v1.0 is a newly created five-day instructor-led training course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Identity Services Engine and 802.1X secure network access. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution. The student will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco’s ISE appliance feature and provide operational support identity and network access control.
Prerequisites
The knowledge and skills that a learner must have before attending this course are as follows:
CCNA Security or valid CCSP.
Any CCIE certification can also act as a prerequisite
Certification
CCNP Security
Exams
300-208 SISAS
Included Labs
Define Local User in Cisco ISE
Define the Switch as a NAD in Cisco ISE
Configure AAA Settings on Switch
Configure RADIUS Settings on Switch1
Configure Switch for 802.1X Monitor Mode
Verify IE Operation Before ISE PKI Enrollment
Verify the Supplicant Operation Before ISE PKI Enrollment
Enroll Cisco ISE in PKI - Part 1
Enroll Cisco ISE in PKI - Part 2
Explore System Behavior After ISE PKI Enrollment
Deploy AnyConnect Supplicant - Part 1
Deploy AnyConnect Supplicant - Part 2
Configure CA Trust with the AnyConnect Profile Editor
Join ISE to the Active Directory
Configure Authentication Against the Active Directory
Join the Workstation to the Active Directory
Test User and Machine Authentication Using Windows Credentials
Configure Employee-PC for EAP-TLS
Configure ISE for Certificate-Based Client Authentication
Test EAP-TLS
Enable EAP Chaining
Config Switch for AAA Authorization and 802.1X Low-Impact Mode
Retrieve User Groups from Active Directory
Config Authorization for IT Users and Domain Computers - Part 1
Config Authorization for IT Users and Domain Computers - Part 2
Config Authorization for IT Users and Domain Computers - Part 3
Config Authorization for IT Users and Domain Computers - Part 4
Config Authorization for IT Users and Domain Computers - Part 5
Configure Authorization for Remaining Employees
Config Authorization for Domain Administrators
Config Authorization for Local ISE Users
Config Switch for Central WebAuth
Config ISE Authentication for WebAuth
Config ISE Authorization to Enforce Traffic Redirection - Part 1
Config ISE Authorization to Enforce Traffic Redirection - Part 2
Config ISE Authorization to Enforce Traffic Redirection - Part 3
Configure ISE Authorization Rule for Employees Authenticated via WebAuth
Outline
Implementing Cisco Secure Access Solutions
Module 1: Threat Mitigation Through Identity Services
Describe the role of identity services in the secure access solution
Implement 802.1X and EAP
Jump start the secure access solution
Module 2: Cisco ISE Fundamentals
Describe the key characteristics of Cisco ISE Enroll the Cisco ISE in the PKI
Implement Cisco ISE internal authentication
Implement Cisco ISE external authentication
Module 3: Advanced Access Control
Describe certificate-based client authentication in EAP-TLS.
Describe the authorization in Cisco ISE.
Describe the Cisco Security Group Access (SGA) solution and MACsec.
Module 4: Web Authentication and Guest Access
Describe Cisco ISE WebAuth
Describe the guest service features of the Cisco ISE
Module 5: Endpoint Access Control Enhancements
Describe the posture assessment and the use of NAC agents
Describe the Cisco ISE profiler and the endpoint identity groups
Describe the BYOD solution elements and device onboarding
Module 6: Access Control Troubleshooting
Troubleshoot Cisco network access controls


Target Audience
Implementing Cisco Secure Access Solutions (SISAS) v1.0 is designed to prepare security engineers with the knowledge and experience so that they can deploy Cisco’s Identity Services Engine and 802.1X secure network access. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution. The student will gain experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco’s ISE appliance feature and provide operational support identity and network access control. It is also perfect for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.

Expected Duration (hours)
32.0

Lesson Objectives

Implementing Cisco Security Access Solutions (SISAS) 1.0 Expert Encore

  • Understand Cisco Identity Services Engine architecture and access control capabilities.
  • Understand 802.1X architecture, implementation and operation.
  • Understand commonly implemented Extensible Authentication Protocols (EAP).
  • Implement Public-Key Infrastructure with ISE.
  • Understand the implement Internal and External authentication databases.
  • Implement MAC Authentication Bypass.
  • Implement identity based authorization policies.
  • Understand Cisco TrustSec features.
  • Implement Web Authentication and Guest Access.
  • Implement ISE Posture service.
  • Implement ISE Profiling.
  • Understand Bring Your Own Device (BYOD) with ISE.
  • Troubleshoot ISE .
  • Course Number:
    LLCS0091