CISCO 課程 >> 課程介紹
Implementing and Configuring Cisco Identity Services Engine (SISE) 3.0
Cisco 身分識別服務引擎的建立與設置
課程代碼
SISE
課程天數
5 天
課程概要
本課程主要目的為展示如何部署和使用Cisco®IdentityServices Engine(ISE)。ISE是一種身份和訪問控制策略平台,可簡化橫跨有線、無線和VPN之連接達到一致性,高度安全的訪問權限控管。本課程教授學員實施和使用思科ISE的相關知識和技能,包括政策實施,分析服務,Web身份驗證和訪客訪問服務,BYOD,端點合規性服務以及TACACS+ 設備管理。
通過專家講師引導和實踐練習,您將學習如何藉由思科ISE工具來了解網絡中發生的事件,簡化安全策略管理並提高運營效率。
通過專家講師引導和實踐練習,您將學習如何藉由思科ISE工具來了解網絡中發生的事件,簡化安全策略管理並提高運營效率。
學習目標和取得技能
完成本課程後,您將能夠:
- Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages.
- Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services.
- Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization.
- Describe third-party network access devices (NADs), Cisco TrustSec®, and Easy Connect.
- Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios.
- Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment.
- Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components.
- Describe and configure various certificates related to a BYOD solution.
- Describe the value of the My Devices portal and how to configure this portal.
- Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE.
- Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the authentication, authentication, and accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols.
- Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool.
教學方式
CISCO認證講師指導
教材與實驗
CISCO原廠教材
課程適合對象
- Network security engineers
- ISE administrators
- Wireless network security engineers
- Cisco integrators and partners
前備知識
- Familiarity with the Cisco IOS® Software command-line interface (CLI)
- Familiarity with Cisco AnyConnect® Secure Mobility Client
- Familiarity with Microsoft Windows operating systems
- Familiarity with 802.1X
課程大綱
- Section 1: Introducing Cisco ISE Architecture and Deployment
- Section 2: Cisco ISE Policy Enforcement
- Section 3: Web Auth and Guest Services
- Section 4: Cisco ISE Profiler
- Section 5: Cisco ISE BYOD
- Section 6: Cisco ISE Endpoint Compliance Services
- Section 7: Working with Network Access Devices
推薦課程
