Back Implementing and Configuring Cisco Identity Services Engine (SISE)


Course Description

In this course, you will learn about the Cisco Identity Services Engine (ISE)-a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA) using 802.1x, MAB, web authentication, posture, profiling, device onboarding, guest services, and VPN access into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

This course is an intensive hands-on experience. With enhanced hands-on labs, you will cover the Cisco ISE version 1.4 (labs). You will learn how to perform a fundamental installation of ISE and how to configure identity-based networks using 802.1X for both wired and wireless clients, using Windows 8 and Apple iPad endpoints. You will also learn to use many of the new features, including AnyConnect 4.1 Posture Module for LAN and VPN posture compliance, EAP-FAST, PEAP, BYOD, and EAP Chaining. You'll also see how the new Virtual Wireless Controller (vWLC) works to integrate with ISE along with advanced features within ISE.

Who Should Attend

Consulting systems engineers, Technical solutions architects, Integrators who install and implement the Cisco ISE version 1.3, End users (Cisco customers) desiring the knowledge to install, configure, and deploy Cisco ISE 1.3, Cisco channel partners and field engineers who need to meet the educational requirements to attain Authorized Technology Partner (ATP) authorization to sell and support the ISE product

Learning Objectives

  • ISE deployment options including node types, personas, and licensing
  • Install certificates into ISE using a Windows 2012 Certificate Authority (CA)
  • Configure a distributed deployment
  • Configure AAA clients and network device groups
  • Configure local and remote identity store and use of identity source sequences
  • 802.1X for wired and wireless networks using the latest dot1x commands on a catalyst switch and version 7.6 of the vWLC
  • Configure authorization and authentication policies to allow MAC Authentication Bypass (MAB) endpoints
  • Use central web authentication (CWA) for redirection of legitimate domain users who need to register devices on the network using MAC addresses (device registration)
  • Configure hotspot guest access, self-registration guest access, and sponsored guest access
  • Configure profiler services in ISE and use newer probes available in IOS switch code 15.x as well as vWLC 7.6 code.
  • Profiling feeds, logical profiles, and building profiling conditions to match network endpoints
  • Configure posture assessments using the Cisco the new Cisco AnyConnect Secure Mobility 4.1 posture module
  • Integrate Cisco ISE with MobileIron for Mobile Device Management MDM
  • Maintenance, best practices, and logging

Related Training

Interconnecting Cisco Network Devices Part 1 (ICND1)

Course Info

Length: 5 day
Format: Lecture and Lab
Delivery Method: Virtual / Onsite
Max. Capacity: 16

Contact Us


SISE Datasheet 20190109.pdf