Implementing Cisco Identity Services Engine for Wireless Engineers

Implementing Cisco Identity Services Engine for Wireless Engineers

The Implementing Cisco Identity Services Engine for Wireless Engineers (SWISE) version 1.0 course is a 2-day Instructor-led Training course. Cisco Identity Services Engine (ISE) combined with the Cisco Wireless LAN Controller (WLC), access point (AP), and end devices provide the comprehensive Cisco ISE deployment capabilities and solution into one system. This training course will enable Cisco end customers and authorized Cisco System Engineers (SEs) to understand the concepts, architecture, and use cases that are related to the Cisco ISE. This course will also prepare learners to implement basic Cisco ISE solutions. The focus is to ensure that students can implement the core features of Cisco ISE that most implementations require. Students should already be familiar with basic Cisco WLC and AP configuration.

Objetivos

After attending this course you should be able to:

Describe the business drivers, architecture, components, and scalability factors related to typical Cisco ISE deployment
Provision secure network access by configuring AAA services and common CoA options
Configure profiling processes, components, options, and best practices
Provision a guest user access solution and the different options that are available
Describe and implement a BYOD solution, with a focus on configuring BYOD using a single SSID
Integrate Cisco ISE with a partner MDM solution
Use Cisco ISE tools to gather useful information related to historical trending and to troubleshoot

Ciberseguridad

Disponible en formato e-learning

Disponible en formato presencial

Disponible en formato a distancia

Acceso al campus

Subvención disponible
A través de Fundae, cumpliendo requisitos.

Duración
10 horas

  • Dificultad 50% 50%
  • Nivel alcanzado 80% 80%

Dirigido a

Wireless Engineers new to deploying Cisco’s Identity Services Engine Solutions.

Channel Partner / Reseller
Customer
Employee

Conocimientos requeridos

The knowledge and skills a learner must have before attending this course are as follows:

Preferred Advanced Wireless specialized partner or Gold partner.
Knowledge of basic 802.1X (It is recommended that the student take the free 802.1X E-learning on PEC before attending this training.)
Basic understanding of Microsoft Active Directory or LDAP.
CCNA-level route and switch knowledge.

Temario

Course Introduction

Introduction to Cisco ISE

Business Benefits of ISE
ISE Architecture and Components
ISE Nodes and Personas
Different ISE Deployment Options
ISE Licensing Options and Considerations
Provisioning Secure Access

Authentication Services available with ISE
Validating Credentials from Different Identity Sources.
Configuring Authentication Identity Sources and Policies
ISE Authorization Policies and their Components
Configuring Authorization Components and Policies
Define and Understand CoA and review common permission elements, including dACLs, named ACLs, VLANs, and SGT
Configuring Profiling

Functions and Purpose of Profiling
Profiler Probes and Attributes associated with these Probes
Configuring Profiler Policies
Configuring Profiling
Verifying Profiler Operation
Best practices for Configuring Profiling
Providing Guest Access

Concept of Guest Web Access
Configuring the Components of a CWA-based Guest Access Solution
Guest Accounts, Roles, and Data stores
Functionality of ISE Portals used for Guest Access
Configuring Support for Guest Reporting
Best Practices for ISE Guest Services
Implementing BYOD

Overview of BYOD Components
Advantages of a BYOD Solution
Common BYOD Use Cases
BYOD Deployment and Configuration Options
BYOD Flow and On-Boarding Process when a Single SSID is used
Implementing an Authentication Policy for BYOD Deployments
Implementing an Authorization Policy for BYOD Deployments
Exploring MDM Integration

MDM Integration Processes
Adding an MDM Server
MDM Supported Attributes
MDM Configuration
Monitoring and Troubleshooting Cisco ISE Security Solutions

ISE Dashboard
Navigate ISE Alarm and Logging Features to assist in Diagnosing Problems
Using the Live Authentications Log feature of Cisco ISE
Use the Global Search and Session Trace features of Cisco ISE
Use the TCP Dump feature of Cisco ISE
Use the Evaluate Configuration Validator tool
Labs

Lab 2-1: Basic Authentication and Authorization
Lab 3-1: Configuring and Validating Cisco ISE Profiling
Lab 4-1: Configuring Cisco ISE Guest Services
Lab 5-1: BYOD On-Boarding using a Single SSID
Lab 5-2: Testing On-Boarding
Lab 7-1: Monitoring and Troubleshooting Cisco ISE (Optional)

Solicita información del curso