Implementing and Configuring Cisco Identity Services Engine (SISE)
- 5 Days Course
- Language: English
Introduction:
Is your network access policy protecting your data—or blocking your users?
Up to 70% of organizations say they lack full visibility into who’s accessing their systems—opening the door to both security risks and productivity gaps. The Implementing and Configuring Cisco Identity Services Engine (SISE) Training Course gives you the skills to fix that. You’ll learn to deploy Cisco ISE v3.x and enforce identity-based policies across wired, wireless, and VPN networks. Through expert instruction and hands-on labs, you’ll configure guest portals, BYOD onboarding, device profiling, posture checks, and TrustSec controls.
This course also prepares you for the SISE v4.0 certification exam, helping you validate your expertise in Cisco ISE deployment, configuration, and troubleshooting as part of a Zero Trust strategy.
Objectives:
Describe the Cisco Identity Services Engine (ISE)
 Explain Cisco ISE deployment
 Describe Cisco ISE policy enforcement components
 Describe Cisco ISE policy configuration
 Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
 Configure guest access
 Configure hotspots and guest portals
 Describe the Cisco ISE profiler services
 Describe profiling best practices and reporting
 Configure a Cisco ISE BYOD solution
 Configure endpoint compliance
 Configure client posture services
 Configure Cisco ISE device administration
 Describe Cisco ISE TrustSec configurations
Course Outline:
Cisco ISE Architecture Overview
- Understand the role of Cisco ISE in enterprise security
- Review core components and capabilities of the ISE platform
- Explore identity-based access control models and policy logic
Deploying Cisco ISE
- Plan and configure initial Cisco ISE deployment
- Navigate licensing options and scalability considerations
- Integrate ISE with existing network infrastructure
Policy Enforcement Components in Cisco ISE
- Identify key elements involved in access policy enforcement
- Map out authentication, authorization, and accounting flows
- Understand the role of RADIUS, profiling, and posture in policy logic
Configuring Access Policies in Cisco ISE
- Create authentication and authorization policy sets
- Define rule conditions using identity, posture, and device data
- Streamline policy design using reusable objects and templates
Troubleshooting Policies and Third-Party NADs
- Use system logs and diagnostics to troubleshoot policy issues
- Resolve authentication failures and access denials
- Support and integrate non-Cisco network access devices
Web Authentication and Guest Services
- Design guest access flows using self-registration and sponsorship
- Configure web authentication portals and captive portals
- Customize branding, login options, and user notifications
Configuring Hotspots and Guest Portals
- Implement hotspot access with limited credentials
- Set up guest user onboarding workflows
- Monitor guest activity and configure expiration policies
Understanding Cisco ISE Profiling Services
- Identify devices using profiling probes and attributes
- Classify endpoints dynamically based on network behavior
- Use profiling policies to automate access decisions
Profiling Best Practices and Reporting
- Optimize profiling configurations for accuracy
- Generate endpoint and profiling reports
- Monitor endpoint behavior trends and anomalies
Configuring Cisco ISE for BYOD
- Enable onboarding for personal and unmanaged devices
- Define BYOD workflows including certificate provisioning
- Ensure secure access and policy enforcement for BYOD users
Endpoint Compliance Services in Cisco ISE
- Evaluate endpoint posture using predefined checks
- Integrate compliance posture with access decisions
- Remediate non-compliant devices automatically
Client Posture Services and Compliance Enforcement
- Set up posture agents and condition checks
- Enforce antivirus, firewall, and OS version compliance
- Apply policies based on client health status
Working with Network Access Devices
- Connect and manage switches, wireless controllers, and VPNs
- Use ISE to control access at the network edge
- Validate NAD configurations and manage updates
Exploring Cisco TrustSec
- Understand TrustSec components and security group tags (SGTs)
- Configure scalable group access policies
- Segment network access using TrustSec for secure zones
Enroll in this course
$3,995.00

