SISAS (Implementing Cisco Secure Access Solutions) v1.0 is a five-day course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. It is designed to prepare security engineers with the knowledge and hands-on experience necessary to be able to adequately deploy Cisco's Identity Services Engine and 802.1X secure network access.
The goal of the course is to provide students with foundational knowledge and the capabilities to implement and manage network access security by utilizing Cisco Identity Services Engine (ISE) appliance product solution. The student will gain hands-on experience by, during the course, configuring various advanced Cisco security solutions for mitigating outside threats and securing devices connected to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications by using Cisco’s ISE appliance feature and will be able to provide operational support, identity and Network Access Control (NAC).
- Exam Number:
- Exam Name:
- Implementing Cisco Secure Access Solutions
- CCNP Security
- Comprehensive study materials, including official Cisco courseware
- Remote lab access
PrerequisitesA valid CCNA Security certification is recommended.
After completing this course, you will be able to:
- Understand Cisco ISE architecture and access control capabilities.
- Understand 802.1X architecture, implementation and operation.
- Understand commonly implemented Extensible Authentication Protocols (EAPs).
- Implement Public-Key Infrastructure (PKI) with ISE.
- Understand and implement Internal and External authentication databases.
- Implement Media Access Control (MAC) Authentication Bypass.
- Implement identity-based authorization policies.
- Understand Cisco TrustSec features.
- Implement Web Authentication and Guest Access.
- Implement ISE Posture service.
- Implement ISE Profiling.
- Understand Bring Your Own Device (BYOD) with ISE.
- Troubleshoot ISE.
Lesson 1: Threat Mitigation Through Identity Services
- Topic 1A: Identity Services
- Topic 1B: 802.1X and EAP
- Topic 1C: Identity System Quick Start
Lesson 2: Cisco ISE Fundamentals
- Topic 2A: Cisco ISE Overview
- Topic 2B: Cisco ISE PKI
- Topic 2C: Cisco ISE Authentication
- Topic 2D: Cisco ISE External Authentication
Lesson 3: Advanced Access Control
- Topic 3A: Certificate-Based User Authentication
- Topic 3B: Authorization
- Topic 3C: Cisco TrustSec and MACSec
Lesson 4: Web Authentication and Guest Access
- Topic 4A: Deploying WebAuth
- Topic 4B: Deploying Guest Service
Lesson 5: Endpoint Access Control Enhancements
- Topic 5A: Deploying Posture Service
- Topic 5B: Deploying Profiler Service
- Topic 5C: Implementing BYOD
Lesson 6: Access Control Troubleshooting
- Topic 6A: Troubleshooting NACs
- Lab 1: Bootstrap Identity System
- Lab 2: Enroll Cisco ISE in PKI
- Lab 3: Implement MAC Authentication Bypass (MAB) and Internal Authentication
- Lab 4: Implement External Authentication
- Lab 5: Implement Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)
- Lab 6: Implement Authorization
- Lab 7: Implement Central WebAuth and Guest Services
- Lab 8: Implement Posture Service
- Lab 9: Implement the Profile Service
- Lab 10: Troubleshooting NAC
Military RequirementsIn addition to validating your IT skills and networking training, Cisco Certifications are a must for certain IT positions.
- DoD Mandate: The DoD Directive 8570.01-M mandates all government personnel, civilians, and contractors with privileged access working on networks are required to receive industry IT certifications.
- CNSS/NSA 4013: Cisco CCSP and CCNP Security courses meet the CNSS training standard.
- By being 4013 compliant, the Cisco Security certification program ensures that certified network security professionals assisting federal agencies and private sector entities understand what is required to protect information and aid in the defense of the nation’s vital information resources.