Durata corso:
Prezzo
+ IVA
Implementing and Configuring Cisco Identity Services Engine (SISE) (CIS12)
Codice: CIS12
Questo corso fornisce al partecipante una conoscenza approfondita dello strumento Cisco Identity Services Engine (ISE).
Questa piattaforma permette la gestione e l’automatizzazione delle policy di sicurezza sulle risorse di rete. Identity Services Engine garantisce un’eccellente visibilità di utenti e dispositivi a supporto delle funzioni di mobilità e del controllo degli accessi. ISE è indispensabile per la tutta la gestione dei criteri di controllo delle identità e degli accessi, semplificando enormemente tutta l’infrastruttura utile al controllo di accessi in ambito Wired, Wireless e VPN.
Inoltre questo corso, di carattere molto pratico, fornisce le conoscenze e le competenze per implementare e utilizzare i servizi di profilazione, l’autenticazione Web, i servizi di accesso degli Guest, il BYOD, i servizi di conformità degli endpoint e l’amministrazione dei dispositivi TACACS +. Utilizzare Cisco ISE significa ottenere visibilità su ciò che sta accadendo nella rete e individuare tempestivamente le minacce e mitigarne i rischi. Inoltre questo corso, di carattere molto pratico, fornisce le conoscenze e le competenze per implementare e utilizzare i servizi di profilazione, l’autenticazione Web, i servizi di accesso degli Guest, il BYOD, i servizi di conformità degli endpoint e l’amministrazione dei dispositivi TACACS +. Utilizzare Cisco ISE significa ottenere visibilità su ciò che sta accadendo nella rete e individuare tempestivamente le minacce e mitigarne i rischi.
Modalità di erogazione
In aula o Live Virtual Classroom
Attestato di partecipazione
Al termine del corso verrà rilasciato l’attestato di frequenza
Esame
350-715 – Implementing and Operating Cisco Security Core Technologies
Introducing Cisco ISE Architecture and Deployment
- Introduction
- Using Cisco ISE as a Network Access Policy Engine
- Cisco ISE Use Cases
- Describing Cisco ISE Functions
- Cisco ISE Deployment Models
- Context Visibility
- Lab Demo: Access the SISE Lab and Install ISE 2.4
- Lab Demo: Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage
Cisco ISE Policy Enforcement
- Introduction
- Using 802.1X for Wired and Wireless Access
- Using MAC Authentication Bypass for Wired and Wireless Access
- Introducing Identity Management
- Configuring Certificate Services
- Lab Demo: Integrate Cisco ISE with Active Directory
- Introducing Cisco ISE Policy
- Lab Demo: Configure Cisco ISE Policy
- Implementing Third-Party Network Access Device Support
- Introducing Cisco TrustSec
- TrustSec Configuration
- Easy Connect
- Lab Demo: Configure Access Policy for Easy Connect
Web Auth and Guest Services
- Introduction
- Introducing Web Access with Cisco ISE
- Introducing Guest Access Components
- Configuring Guest Access Settings
- Lab Demo: Configure Guest Access
- Configuring Sponsor and Guest Portals
- Lab Demo: Configure Guest Access Operations
- Lab Demo: Create Guest Reports
Cisco ISE Profiler
- Introduction
- Introducing Cisco ISE Profiler
- Profiling Deployment and Best Practices
- Lab Demo: Configure Profiling
- Lab Demo: Customize the Cisco ISE Profiling Configuration
- Lab Demo: Create Cisco ISE Profiling Reports
Cisco ISE BYOD
- Introduction
- Introducing the Cisco ISE BYOD Process
- Describing BYOD Flow
- Configuring the My Devices Portal
- Configuring Certificates in BYOD Scenarios
- Lab Demo: Configure BYOD
- Lab Demo: Blacklist a Device
Cisco ISE Endpoint Compliance Services
- Introduction
- Introducing Endpoint Compliance Services
- Lab Demo: Configure Cisco ISE Compliance Services
- Configuring Client Posture Services and Provisioning
- Lab Demo: Configure Client Provisioning
- Lab Demo: Configure Posture Policies
- Lab Demo: Test and Monitor Compliance-Based Access
- Lab Demo: Test Compliance Policy
Working with Network Access Devices
- Introduction
- Review AAA
- Cisco ISE TACACS+ Device Administration
- Configuring TACACS+ Device Administration
- TACACS+ Device Administration Guidelines and Best Practices
- Migrating from Cisco ACS to Cisco ISE
- Lab Demo: Configure Cisco ISE for Basic Device Administration
- Lab Demo: Configure TACACS+ Command Authorization
Laboratori
- Access the SISE Lab and Install ISE 2.4
- Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage
- Integrate Cisco ISE with Active Directory
- Configure Cisco ISE Policy
- Configure Access Policy for Easy Connect
- Configure Guest Access
- Configure Guest Access Operations
- Create Guest Reports
- Configure Profiling
- Customize the Cisco ISE Profiling Configuration
- Create Cisco ISE Profiling Reports
- Configure BYOD
- Blacklisting a Device
- Configure Cisco ISE Compliance Services
- Configure Client Provisioning
- Configure Posture Policies
- Test and Monitor Compliance Based Access
- Test Compliance Policy
- Configure Cisco ISE for Basic Device Administration
- Configure TACACS+ Command Authorization
- Network security engineers
- ISE administrators
- Wireless network security engineers
- Cisco integrators and partners
Per beneficiare appieno di questo corso, dovresti avere le seguenti conoscenze e abilità:
- Familiarità con l’interfaccia della riga di comando (CLI) del software Cisco IOS®
- Familiarità con Cisco AnyConnect® Secure Mobility Client
- Familiarità con i sistemi operativi Microsoft Windows
- Familiarità con 802.1X
Dopo aver seguito questo corso, dovresti essere in grado di:
- Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages.
- Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services.
- Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization.
- Describe third-party network access devices (NADs), Cisco TrustSec®, and Easy Connect.
- Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios.
- Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment.
- Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution.
- Describe the value of the My Devices portal and how to configure this portal.
- Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE.
- Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the authentication, authentication, and accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols.
- Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool.