Curso Implementing and Configuring Cisco Identity Services Engine (SISE)
40hVisão Geral
O curso Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 mostra como implementar e utilizar o Cisco® Identity Services Engine (ISE) v2.4, uma plataforma de política de controlo de identidade e acesso que simplifica a entrega de um controlo de acesso consistente e altamente seguro através de ligações com fios, sem fios, e VPN. Este curso prático fornece-lhe os conhecimentos e competências para implementar e utilizar o Cisco ISE, incluindo aplicação de políticas, serviços de definição de perfis, autenticação web e serviços de acesso de convidados, BYOD, serviços de conformidade de endpoints, e administração de dispositivos TACACS+. Através de instrução especializada e prática prática, aprenderá como utilizar o Cisco ISE para ganhar visibilidade do que está a acontecer na sua rede, racionalizar a gestão de políticas de segurança, e contribuir para a eficiência operacional.
Objetivo
Após concluir o Curso Implementing and Configuring Cisco Identity Services Engine (SISE), você será capaz de:
- Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages.
- Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services.
- Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization.
- Describe third-party Network Access Devices (NADs), Cisco TrustSec®, and Easy Connect.
- Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios.
- Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment.
- Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution.
- Describe the value of the My Devices portal and how to configure this portal.
- Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE.
- Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols.
- Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool.
Pre-Requisitos
- Familiaridade com o Software Cisco IOS® Interface de Linha de Comando (CLI)
- Familiaridade com Cisco AnyConnect® Secure Mobility Client
- Familiaridade com os sistemas operativos Microsoft Windows
- Familiaridade com 802.1X
Informações Gerais
Carga Horária: 40h
- Se noturno este curso é
ministrado de Segunda-feira à sexta-feira, das 19h às 23h
- Se aos sábados este curso é
ministrado das 9h às 18h
- Se in-company por favor
fazer contato para mais detalhes.
Formato de
entrega:
- 100% on-line ao vivo, via
Microsoft Teams na presença de um instrutor/consultor ativo no mercado.
- Nota: não é curso
gravado.
Lab:
- Laboratório + Exercícios
práticos
Materiais
Português | InglêsConteúdo Programatico
Architecture and Deployment
- Configure personas
- Describe deployment options
Policy Enforcement
- Configure native AD and LDAP
- Describe identity store options
- Configure wired/wireless 802.1X network access
- Configure 802.1X phasing deployment
- Configure network access devices
- Implement MAB
- Configure Cisco TrustSec
- Configure policies including authentication and authorization profiles
Web Auth and Guest Services
- Configure web authentication
- Configure guest access services
- Configure sponsor and guest portals
Profiler
- Implement profiler services
- Implement probes
- Implement CoA
- Configure endpoint identity management
BYOD
- Describe Cisco BYOD functionality
- Configure BYOD device on-boarding using internal CA with Cisco switches and Cisco wireless LAN controllers
- Configure certificates for BYOD
- Configure blacklist/whitelist
Endpoint Compliance
- Describe endpoint compliance, posture services, and client provisioning
- Configure posture conditions and policy, and client provisioning
- Configure the compliance module
- Configure Cisco ISE posture agents and operational modes
- Describe supplicant, supplicant options, authenticator, and server
Network Access Device Administration
- Compare AAA protocols
- Configure TACACS+ device administration and command authorization