Implementing Cisco Secure Access Solutions V1.0


Introduction

Implementing Cisco Secure Access Solutions (SISAS) v1.0 is a newly created five-day instructor-led training (vILT) course is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Identity Services Engine and 802.1X secure network access.

The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution. The student will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco’s ISE appliance feature and provide operational support identity and network access control.

Summary

Duration – 5 Days hands-on training
Vendor – Cisco
Audience – Network Security Engineers
Level – Professional
Technology – Cisco
Category – Borderless Networking / Security
Delivery Method – Instructor-Led
Training Credits / Vouchers – Cisco Learning Credits Accepted

Course Content

1. Course Introduction

  • Overview
  • Course Goal and Objectives
  • Course Flow
  • Additional References
  • Your Training Curriculum

2. Threat Mitigation Through Identity Services

  • Identity Services
  • 802.1X and EAP
  • Identity System Quick Start

3. Cisco Identity Services Engine (ISE) Fundamentals

  • Cisco ISE Overview
  • Cisco ISE with PKI
  • Cisco ISE Authentication
  • Configuring Cisco ISE for
  • External Authentication

4. Advanced Access Control

  • Certificate-based User
  • Authentication
  • Authorization
  • Security Group Access (SGA)
  • MACsec Implementation

5. Web Authentication and Guest Access

  • Describe the Cisco Email Security Solutions
  • Guest Access Services

6. Endpoint Access Control Enhancements

  • Posture
  • Profiler
  • BYOD

7. Troubleshooting Network Access Control

  • Troubleshooting Network Access Control

Prerequisites

The knowledge and skills a learner should have before attending:

  • Cisco Certified Network Associate (CCNA) certification
  • Cisco Certified Network Associate (CCNA) Security certification
  • Knowledge of Microsoft Windows operating system

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Understand Cisco Identity Services Engine architecture and access control capabilities
  • Understand 802.1X architecture, implementation and operation
  • Understand commonly implemented Extensible Authentication Protocols (EAP)
  • Implement Public-Key Infrastructure with ISE
  • Understand the implement Internal and External authentication databases
  • Implement MAC Authentication Bypass
  • Implement identity based authorization policies
  • Understand Cisco TrustSec features
  • Implement Web Authentication and Guest Access
  • Implement ISE Posture service
  • Implement ISE Profiling
  • Understand Bring Your Own Device (BYOD) with ISE
  • Troubleshoot ISE

Target Audience

This course is intended primarily for:

  • Network Security Engineers

Associated Certifications & Exam

The 300-208 Implementing Cisco Secure Access Solutions (SISAS) exam tests whether a network security engineer knows the components and architecture of secure access by utilizing 802.1X and TrustSec. This exam covers Cisco Identity Services Engine (ISE) architecture, solution and components as an overall network threat mitigation and endpoint control solutions. It also includes the fundamental concepts of BYOD using posture and profiling services of ISE.