Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE

Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE Course Description

Duration: 5.00 days (40 hours)

Cisco Career Guide

This course discusses the Cisco Identity Services Engine (ISE), a an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device on-boarding, and guest management, into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

Next Class Dates

Mar 19, 2018 – Mar 23, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
Apr 16, 2018 – Apr 20, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
May 14, 2018 – May 18, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018
Jun 11, 2018 – Jun 15, 2018
9:00 AM – 5:00 PM CT
519 8th Avenue, 2nd Floor, New York, NY 10018
New York, NY 10018

View More Schedules »

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Back to Top

Intended Audience for this Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE Course

  • » ISE Administrators/Engineers
  • » Wireless Administrators/Engineers
  • » Consulting Systems Engineers
  • » Technical/Wireless/BYOD/Security Solutions Architects
  • » ATP partner systems and field engineers
  • » Systems integrators who install and implement the Cisco Identity Service Engine version 2.1

Back to Top

Course Prerequisites for Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE

  • » Familiarity with Cisco IOS CLI
  • » Familiarity with Cisco ASA
  • » Familiarity with Cisco VPN clients
  • » Familiarity with MicroSoft Windows Operating Systems
  • » Familiarity with 802.1X

Back to Top

Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE Course Objectives

  • » Describe Cisco ISE architecture, installation, and distributed deployment options
  • » Configure Network Access Devices (NADs), policy components, and basic authentication and authorization policies in Cisco ISE - Implement Cisco ISE web authentication and guest services
  • » Deploy Cisco ISE profiling, posture and client provisioning services
  • » Describe administration, monitoring, troubleshooting, and TrustSec SGA security
  • » Configure device administration using TACACS+ in Cisco ISE

Back to Top

Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE Course Outline

      1. Introducing Cisco ISE Architecture and Deployment
        1. Using Cisco ISE as a Network Access Policy Engine
          1. Cisco Identity Services Overview
          2. Cisco Identity Solution Benefits
          3. The Attack Continuum
          4. Controlling Access to the Network
          5. Security Challenges for IT Organizations
          6. Centralized Policy Management
          7. Cisco Identity Solution Guest Use Case
          8. Cisco Identity Solution BYOD Use Case
          9. Cisco Identity Solution Profiling Use Case
          10. Cisco Identity Solution Compliance Use Case
          11. Cisco Identity Solution Security Group Access Use Case
          12. Introducing the Components of a Cisco ISE Deployment
          13. Secure Access Control
          14. Describing Cisco ISE Functions
        2. Introducing Cisco ISE Deployment Models
          1. Introducing the Components of an ISE Deployment
          2. Cisco ISE Nodes and Personas
          3. Implementing Nodes, Personas, and Roles
          4. Admin Node
          5. Policy Service Node
          6. Monitoring Node
          7. pxGrid Services
          8. Collector Agent
          9. Policy Synchronization
          10. Deployment Options
          11. Cisco ISE Communication Model
          12. Introducing Context Visibility
          13. Context Visibility Benefits
          14. Context Visibility Wizard
          15. Streamline Visibility Wizard
        3. Lab 1: Configure Initial Cisco ISE setup, GUI Familiarization, system certificate usage
          1. Verify Cisco ISE setup using CLI
          2. Initial GUI login and Familiarization
          3. Disable Profiling
          4. Certificate enrollment
      2. Cisco ISE Policy Enforcement
        1. Introducing 802.1X and MAB Access: Wired and Wireless
          1. IEEE 802.1X Primer
          2. MAC Authentication Bypass
          3. Overview: Configure 802.1X and MAB
        2. Lab 2: Integrate Cisco ISE with Active Directory
          1. Configure Active Directory Integration
          2. Configure LDAP Integration
        3. Introducing Identity Management
          1. Identity Sources Overview
          2. Internal Identity Sources
          3. External Identity Sources
          4. Multi-AD Overview and Configuration
          5. Lightweight Directory Access Protocol
          6. RADIUS
          7. SAMLv2
          8. Identity Source Sequence
        4. Configuring Certificate Services
          1. Certificate Overview and Implementation
          2. Certification Authority Services
        5. Introducing Cisco ISE Policy
          1. Authentication and Authorization Process
          2. Dictionaries, Identity Sources, and ISSs
          3. Authentication and Its Components
          4. Authorization and Its Components
          5. Exception Policies and Policy Sets
          6. Sessions in Cisco ISE
        6. Lab 3: Configure Basic Policy on Cisco ISE
          1. Policy Configuration for AD Employees and AD Contractors
          2. Client Access โ€“ Wired
          3. Client Access โ€“ Wireless
          4. Network visibility with Context Visibility
        7. Configuring Cisco ISE Policy Sets
          1. Cisco ISE Policy Sets Overview
          2. Global versus Local Exception Processing
        8. Lab 4: Configure Conversion to Policy Sets
          1. Convert to Policy Set
          2. Create Wired and Wireless Policy Sets
          3. Creating a Global Exception
          4. Testing Client Access Using Policy Sets
        9. Implementing Third-Party Network Access Device Support
          1. Third-Party NAD Support: Features and Workflows
        10. Introducing Cisco TrustSec
          1. Introducing Cisco TrustSec
        11. Introducing EasyConnect
          1. Easy Connect Overview
          2. EasyConnect Modes and Flows
          3. EasyConnect Configuration
        12. Lab 5: Configure Access Policy for Easy Connect
          1. Configure Cisco ISE to Support Easy Connect
          2. Create Easy Connect Policy Sets
          3. Test the Easy Connect Connection
      3. Web Auth and Guest Services
        1. Introducing Web Access with Cisco ISE
          1. Web Authentication Overview
          2. ISE Web Authentication Configuration Overview
          3. Web Authentication Verification Overview
        2. Lab 6: Configure Guest Access
          1. Configure Guest Settings.
          2. Configure Guest Locations.
        3. Introducing ISE Guest Access Components
          1. Guest Access Services Overview
        4. Configuring Guest Access Settings
          1. Review Guest Access Settings
          2. Guest Types Overview
        5. Lab 7: Configure Guest Access Operations
          1. Configure Cisco ISE guest access with a hotspot portal.
          2. Configure Cisco ISE guest access for guest self-registration. (Optional)
          3. Enable self-registration with sponsor approval.
          4. Create the accounts as a sponsor (Optional).
          5. Perform guest account management via the sponsor portal.
        6. Configuring Portals: Sponsors and Guests
          1. Cisco ISE Sponsor Components and Configuration
        7. Lab 8: Create Guest Reports
          1. Running Reports from Cisco ISE Dashboard
      4. Cisco ISE Profiler
        1. Introducing Cisco ISE Profiler
          1. Introduction to the Profiler Service
          2. Cisco ISE Probes
          3. Profiling Policies
        2. Configuring Cisco ISE Profiling
          1. Configure Profiling on Cisco ISE Overview
          2. Prepare for Profiling
          3. Enable the Profiling Service
          4. Profiling Probe Configuration
          5. Configuring the Profiler Feed Service
          6. Profiling Settings
          7. Define Profiling Parameters
          8. Configure Profile Policies and Logical Profiles
          9. NMAP Scan Actions
          10. Go Live and Monitor
        3. Lab 9: Configure Profiling
          1. Configuring Profiling in Cisco ISE
          2. Configure the Feed Service
          3. Configuring Profiling in Cisco ISE
          4. NAD Configuration for Profiling
        4. Lab 10: Customize the Cisco ISE Profiling Configuration
          1. Examine Endpoint Data
          2. Create a Logical Profile
          3. Creating a New Authorization Policy Using a Logical Profile
          4. Create a Custom Profile Policy
          5. Testing Authorization Policies with Profiling Data
        5. Lab 11: Create Cisco ISE Profiling Reports
          1. Run Cisco ISE Profiler Feed Reports
          2. Endpoint Profile Changes Report
          3. Context Visibility Dashlet Reports
      5. Cisco ISE BYOD
        1. Introducing the Cisco ISE BYOD Process
          1. BYOD Problem and Solutions
          2. BYOD Design
        2. Describing BYOD Flow
        3. Configuring My Devices Portal Settings
          1. My Devices Portal Configuration
          2. My Devices Portal End-User Experience
        4. Configuring Certificates in BYOD Scenarios
          1. Local ISE CA Server and Local Certificates
          2. Cisco ISE Certificates Set Up Walk-through
        5. Lab 12: Configure BYOD
          1. Portal Provisioning
          2. Provisioning Configuration
          3. Configuring Policy
          4. Employee iPad Registration
        6. Lab 13: Blacklisting a Device
          1. Blacklisting a Device
          2. Lost Access Verification.
          3. Endpoint Record Observations
          4. UnBlacklist the Device
          5. Verify Access Capability
          6. Blacklisting a Stolen Device
      6. Cisco ISE Endpoint Compliance Services
        1. Introducing Endpoint Compliance
          1. Endpoint Compliance
          2. Posture Service
          3. Posture Conditions
          4. Compliance Module
          5. Posture Flow
          6. Cisco ISE Posture Agents
          7. Posture Operational Modes
          8. Posture Service Deployment and Licensing
        2. Lab 14: Configure Compliance Services on Cisco ISE
          1. Posture Preparation
          2. Authorization Profiles
          3. Adjusting Authorization Policy for Compliance
        3. Configuring Client Posture Services and Provisioning in Cisco ISE
          1. Client Provisioning
          2. Posture Configuration Procedure
          3. Prepare
          4. Client Provisioning Resources
          5. Posture General Settings
          6. Posture Policy
          7. Client Provisioning Portal
          8. Client Provisioning Policy
          9. Additional Configuration Tasks
        4. Lab 15: Configure Client Provisioning
          1. Client Updates
          2. Client Resources
          3. Client Provisioning Policies
        5. Lab 16: Configure Posture Policies
          1. Configure Posture Conditions
          2. Configuring Posture Remediation
          3. Configuring Posture Requirements
          4. Configuring Posture Policies
        6. Lab 17: Test and Monitor Compliance Based Access
          1. AnyConnect Unified Agent Access
          2. Web Agent Access (Optional)
        7. Lab 18: Test Compliance Policy
          1. Configure a Faulty Policy
          2. Use Posture Reports for Troubleshooting
          3. Using the Posture Troubleshooter
          4. Policy Correction and Testing
      7. Cisco ISE with AMP and VPN-Based Services
        1. Introducing VPN Access Using Cisco ISE
          1. AAA โ€“ External Authentication
          2. Using Cisco ASA for VPN Authentication
          3. VPN Access Configuration Overview
        2. Lab 19: Configure Cisco ISE for VPN Access
          1. Preparing the Lab
          2. Testing VPN Client Access
        3. Configuring Cisco AMP for ISE
          1. Threat Centric NAC Overview
          2. Threat Centric NAC Configuration
        4. Lab 20: Configure Threat-Centric NAC using Cisco AMP
          1. Configuring the Cisco AMP Cloud
          2. Configuring Posture Policies and Conditions
          3. Configuring Posture, AMP and AnyConnect Profiles
          4. Enabling and Provisioning TC-NAC Services
          5. Verify Provisioning of AMP for Endpoints (Optional)
      8. Cisco ISE Integrated Solutions with APIs
        1. Introducing Location-Based Authorization
          1. Introducing Location-Based Authorization
        2. Introducing Cisco ISE 2.x pxGrid
          1. pxGrid Framework
          2. pxGrid on Cisco ISE
          3. Setting Up the Topic
          4. Use Case: pxGrid for Rapid Threat Detection
        3. Lab 21: Configure Cisco ISE pxGrid and Cisco WSA Integration
          1. Configuring Cisco ISE System Certificates for REST and pxGrid
          2. Preparing the Cisco WSA
          3. Configuring Security Groups, Authorization Policy, and Enabling pxGrid on ISE
          4. Enabling pxGrid on WSA
          5. WSA Identity and Access Policies (Optional)
          6. Testing Corporate PC (Optional)
      9. Working with Network Access Devices
        1. Configuring TACACS+ for Cisco ISE Device Administration
          1. Review TACACS+
          2. Cisco ISE TACACS+ Device Administration
          3. Configure TACACS Device Administration
          4. TACACS Device Administration Guidelines and Best Practices
          5. Migrating from Cisco ACS to Cisco ISE
        2. Lab 22: Configure Cisco ISE for Basic Device Administration
          1. Policy Configuration for AD Employees and AD Contractors
        3. Lab 23: Configure TACACS+ Command Authorization
          1. Configure Command Sets
          2. TACACS+ Features
      10. Cisco ISE Design (Self-Study)
        1. Designing and Deployment Best Practices
          1. Cisco ISE Planning and Pre-deployment
          2. Cisco ISE Sizing and Scaling Practices
        2. Performing Cisco ISE Installation and Configuration Best Practices
          1. Cisco ISE Deployment Best Practices
          2. ISE Certificates Best Practices
          3. ISE Profiling Best Practices
          4. Web Portals Best Practices
          5. Logging and Troubleshooting Best Practices
        3. Deploying Failover and High-Availability
          1. PSN HA or Load Sharing
          2. Deploying Monitoring Personas
          3. Preparing the Network Infrastructure

Back to Top

Do you have the right background for Implementing and Configuring Cisco Identity Services Engine v2.1 - SISE?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Take your FREE Skill Assessment test »

Back to Top

Award winning, world-class Instructors

David M.
- Networking expert with several Cisco certifications, including CCENT, CCNA, CCDA, CCSI, and CCVP. - Has taught over 90 courses at NetCom Learning. - Average rating of 8.75 out of 9 on student evaluation reports.


David has been in the Networking field for the past eleven years and holds several Cisco certifications. He has been an instructor since 2005 and has taught over 90 courses at NetCom Learning.

David is an extremely enthusiastic trainer with a raw passion towards teaching and delivering Cisco information and takes great pride in his career as an instructor, which has lead him to develop and deliver the class in his own unique way; very professional and knowledgeable, yet pleasant and enjoyable. His classes have a high passing rate for students taking certification exams, and averages 8.75 out of 9 on evaluation reports.
Michael G.
- Over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer.
- An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, as well as select Microsoft, Novell, CompTIA, Sun and CWNP courses.
- High-skilled and acclaimed instructor. Has trained over 900 students at Netcom Learning.


Michael has over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer. An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, Michael also teaches select Microsoft, Novell, CompTIA, Sun and CWNP courses.

Michael's dedication and passion for teaching is unmatched. He has trained over 900 students at Netcom Learning since 2006 and his evaluation scores average 8.7 out of 9.
William D.
- Bachelors and Masters in Mathematics from University of Pennsylvania, in addition to several IT certifications.
- Over 20 years of experience in the IT industry; background ranges from engineering, administration and escalation support in networks.


William is a highly-skilled IT professional with Bachelors and Masters Degree in Mathematics from University of Pennsylvania. He has been working in the IT industry for over 20 years, with experience in engineering, administration and escalation support in networks ranging from small to large scale complex enterprise environments.

As a Cisco and CompTIA Subject Matter Expert, he holds several certifications, including Cisco CCNA, CCNP, and CCIE. William is one of NetCom's top trainers, consistently scoring high marks in student evaluations.

See more...   See more instructors...

Back to Top

Recent Client Testimonials & Reviews

Very knowledgeable instructor. True subject matter expert.

- Dameon R.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

The instructor knows his material very well.

- Hung N.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

Good Training company with whom we have a history.

-Swaminathayer M.
Course(s) Taken

» Deploying Cisco ASA Firewall Solutions v2.0 - FIREWALL

  More testimonials »  

Back to Top