Implementing Cisco Secure Access Solutions

5 Days

Description

Overview

Implementing Cisco Security Access Solutions (SISAS) is a 5-day training program that describes an access control solution that centers on the Cisco Identity Services Engine (ISE). The learners build the solution by implementing basic authentication and then extending the system with the authorization, guest services, Cisco TrustSec, posture, and profiling components.

The most fundamental concepts include the authentication methods, such as 802.1X, MAC Authentication Bypass (MAB), and Web authentication (WebAuth). The learners implement various types of the Extensible Authentication Protocol (EAP) using two different 802.1X supplicants: the native Windows OS supplicant and the Cisco AnyConnect supplicant. The Cisco AnyConnect supplicant is used for a range of scenarios, including EAP chaining.

Although the Web Authentication and the guest services are often deployed together, the learners first implement the WebAuth feature for employee access and then enable the guest feature to allow guest access. The posture service on the ISE is used to determine the security posture status of the endpoints. The learners use the built-in posture elements pre-configured in the ISE, and also implement a custom remediation to automatically install antivirus software. The ISE offers a wide range of profiling capabilities. The learners test the default functionality with the common probes enabled, and extend the profiling granularity by defining custom policies.

 The course ends with a troubleshooting lesson and an optional troubleshooting lab exercise.

Course Objectives

Upon completing this course, you will be able to meet these objectives:

  • Deploy Cisco ISE
  • Implement 802.1X and MAB
  • Deploy Security Group Access and MAC Security
  • Implement WebAuth and guest service
  • Deploy posture
  • Implement profiling

Who Should Attend

  • Network security engineers

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 04, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date

Course Overview

  • Lesson 1: Threat Mitigation Through Identity Services
    • Topic 1A: Identity Services
    • Topic 1B: 802.1X and EAP
    • Topic 1C: Identity System Quick Start
  • Lesson 2: Cisco ISE Fundamentals
    • Topic 2A: Cisco ISE Overview
    • Topic 2B: Cisco ISE PKIPKI
    • Topic 2C: Cisco ISE Authentication
    • Topic 2D: Cisco ISE External Authentication
  • Lesson 3: Advanced Access Control
    • Topic 3A: Certificate-Based User Authentication
    • Topic 3B: Authorization
    • Topic 3C: Cisco TrustSec and MACsec
  • Lesson 4: Web Authentication and Guest Access
    • Topic 4A: Deploying WebAuth
    • Topic 4B: Deploying Guest Service
  • Lesson 5: Endpoint Access Control Enhancements
    • Topic 5A: Deploying Posture Service
    • Topic 5B: Deploying Profiler Service
    • Topic 5C: Implementing BYOD
  • Lesson 6: Access Control Troubleshooting
    • Topic 6A: Troubleshooting Network Access Controls
  • Hands On Labs
    • Lab 1: Bootstrap Identity System 
    • Lab 2: Enroll Cisco ISE in PKI 
    • Lab 3: Implement MAB and Internal Authentication 
    • Lab 4: Implement External Authentication 
    • Lab 5: Implement EAP-TLS 
    • Lab 6: Implement Authorization 
    • Lab 7: Implement Central WebAuth and Guest Services 
    • Lab 8: Implement Posture Service 
    • Lab 9: Implement the Profile Service 
    • Lab 10: Troubleshooting Network Access Control

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 04, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date

Prerequisites

  • Familiarity with basic Cisco access control solutions and 802.1X
  • Familiarity with general networking principles equivalent to the CCNA level
  • Familiarity with basic network security concepts equivalent to the CCNA Security level

 

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 04, 2017

$3,895.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date