Cisco
Product
ISE
Cisco Security Training (ISESDA)

The Cisco ISE Essentials for SD-Access (ISESDA) course shows you how to deploy the Cisco® Identity Services Engine (ISE) to support the Software-Defined Access (SD-Access) solution within your enterprise networks. You will gain an understanding of how Cisco ISE is utlitized by the SD-Access solution to provide security policies across the organization. You will learn Cisco ISE fundamentals and get hands-on practice configuring ISE, policies, AAA client configuration, VPN access, integration, wireless guest access, and more.

About the course

Prerequisites

The knowledge and skills that a learner should have before attending this course are as follows:

  • Understanding of network routing and switching principles equivalent to the Cisco CCNA® certification level

Course Objectives

Upon successful completion of this course, students will be able to meet these overall objectives:

  • Describe Cisco ISE policies and authentication and authorization process
  • Understand different AAA protocols
  • Understand how Cisco ISE fits into Cisco DNA Center architecture
  • Provide configuration examples of Cisco ISE and TrustSec solutions
  • Describe Cisco ISE integration with Cisco DNA Center and policy enforcement using Security Groups
  • Provide configuration examples for wired, wireless, and VPN network access
  • Understand how inline tagging and SGT Exchange Protocol (SXP) works
Course content

Module 1:  Cisco ISE Overview

  • Exploring the Cisco Identity Services Engine
  • Examining AAA protocols
  • Examining Authentication
  • Examining Authorization

Module 2:  Cisco ISE Guest Access

  • Examining Guest Portal Types
  • Examining Guest User Types
  • Examining AAA Policies for Guest Access

Module 3:  Cisco ISE and SD-Access

  • Exploring Cisco SD-Access
  • Examining Cisco ISE for SD-Access

Module 4:  Cisco ISE SGT Exchange Protocol

  • SD-Access Fabric and Host Provisioning
  • Security Group Exchange Protocol

Lab Outline

  • Introduction to ISE and Active Directory (AD) Integration
  • Configuring ISE AAA Policies
  • Configuring AAA Clients and Verifying AAA Operations
  • Configuring Wireless Guest Access (Optional)
  • Configuring VPN Access
Who Should Attend

The primary audience for this course is as follows:

  • System engineers
  • Network engineers
  • Technical architects
  • Technical support engineers
  • Cisco integrators and partners