> > > SWISE Detailed outline

Implementing Cisco Identity Services Engine for Wireless Engineers (SWISE)

Course Description Schedule Course Outline

Detailed Course Outline

Module 1: Introducing Cisco ISE
  • Describe the issues that corporations face in supporting new paradigms of network access and how Cisco ISE can ease these pressures and help resolve these issues
  • Describe the Cisco ISE architecture and components
  • Describe the different Cisco ISE nodes and personas
  • Describe and compare the products that are used to run Cisco ISE
  • Describe the different Cisco ISE deployment options
  • Explain the Cisco ISE licensing options and considerations
Module 2: Provisioning Secure Access
  • Describe authentication services that are available to Cisco ISE
  • Describe the process that Cisco ISE uses to validate credentials from different identity sources
  • Configure authentication identity sources and policies
  • Describe Cisco ISE authorization policies and their components
  • Configure authorization components and policies
  • Define and understand CoA and review common permission elements, including dACLs, named ACLs, VLANs, and SGT
  • Lab 2-1: Basic Authentication and Authorization
Module 3: Configuring Profiling
  • Describe the functions and purpose of profiling on the Cisco ISE platform
  • List the profiler probes and discuss the attributes that are associated with these probes
  • Describe and configure profiler policies
  • Configure profiling on the Cisco ISE platform
  • Verify profiling operation on the Cisco ISE platform
  • List the best practices for configuring profiling on the Cisco ISE platform
  • Lab 3-1: Configuring and Validating Cisco ISE Profiling
Module 4: Providing Guest Access
  • Describe the concept of guest web access
  • Configure the components of a CWA-based guest access solution including redirection for both wired and wireless access
  • Describe guest accounts, roles, and data stores
  • Define the functionality that is provided by the Cisco ISE portals that are used for guest access
  • Configure support for guest reporting
  • Discuss best practices as relates to Cisco ISE guest services
  • Lab 4-1: Configuring Cisco ISE Guest Services
Module 5: Implementing BYOD
  • Define BYOD, explain the advantages of a Cisco BYOD solution, and describe BYOD components
  • Describe common BYOD use cases and explain how they apply to various corporate security policy needs
  • Describe BYOD deployment and configuration options
  • Describe the BYOD flow and on-boarding process when a single SSID is used
  • Implement an authentication policy for BYOD deployments
  • Implement an authorization policy for BYOD deployments
  • Lab 5-1: BYOD On-Boarding using a Single SSID
  • Lab 5-2: Test On-Boarding
Module 6: Exploring MDM Integration
  • Define the MDM integration process in Cisco ISE and add an MDM Server
  • Define MDM supported attributes
  • Examine an MDM configuration
Module 7: Monitoring and Troubleshooting Cisco ISE Security Solutions
  • Use the Cisco ISE dashboard
  • Navigate Cisco ISE alarm and logging features to assist in diagnosing problems
  • Use the Live Authentications log feature of Cisco ISE
  • Use the Global Search and Session Trace features of Cisco ISE
  • Use the TCP Dump feature of Cisco ISE
  • Use the Evaluate Configuration Validator tool
  • Lab 7-1: Monitoring and Troubleshooting Cisco ISE (Optional)
Appendix A: Introducing Posture Assessment
  • Define posturing, describe its major components, and explain the posturing flow
  • Explain typical posture example configurations to describe the configuration process
  • Describe and configure posture system settings
  • Describe posture policy logic and verify policy configuration