SISE – Implementing and Configuring Cisco Identity Services Engine v2.1

  • Consulting systems engineers
  • Technical solutions architects
  • Integrators who install and implement the Cisco ISE version 2.1
  • End users (Cisco customers) desiring the knowledge to install, configure, and deploy Cisco ISE 2.1
  • Cisco channel partners and field engineers who need to meet the educational requirements to attain Authorized Technology Partner (ATP) authorization to sell and support the ISE product


  • CCNA Security or equivalent level of experience with Cisco devices
  • Foundation-level wireless knowledge and skills
  • Familiarity with Microsoft Windows and Microsoft Active Directory
  • Familiarity with 802.1X
  • Familiarity with Cisco ASA
  • Familiarity with Cisco AnyConnect Secure Mobility Client

Expected Duration
5 day


In this course, you will learn about the Cisco Identity Services Engine (ISE)a next-generation identity and access control policy platform that provides a single policy plane across the entire organization combining multiple services, including authentication, authorization, and accounting (AAA) using 802.1x, MAB, web authentication, posture, profiling, device on-boarding, guest services, and VPN access into a single context-aware identity-based platform. The training provides learners with the knowledge and skills to enforce security compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.

This course is an intensive hands-on experience. With enhanced hands-on labs, you will cover all facets of Cisco ISE version 2.1. You will learn how to configure fundamental elements of ISE and how to secure identity-based networks using 802.1X for both wired and wireless clients, using Windows 8 and Apple iPad endpoints. You will integrate the Cisco Virtual Wireless LAN Controller (vWLC) with advanced ISE features. You will also learn to use the following advanced features of Cisco ISE: Active Directory Integration, Policy Sets, EasyConnect, EAP-FAST with EAP Chaining, BYOD, AnyConnect 4.x Posture Module for LAN and VPN compliance, Threat Centric NAC using AMP, PxGrid, TACACS+ Device Management, and TrustSec Security Group Access.


1. Introducing Cisco ISE Architecture and Deployment

  • Using Cisco ISE as a Network Access Policy Engine
  • Cisco ISE Deployment Models

2. Cisco ISE Policy Enforcement

  • 802.1X and MAB Access: Wired and Wireless
  • Identity Management
  • Configure Certificate Services
  • Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Implementing Third-Party Network Access Device Support
  • Cisco TrustSec
  • EasyConnect

3. Web Auth and Guest Services

  • Web Access with Cisco ISE
  • ISE Guest Access Components
  • Configuring Guest Access Settings
  • Configuring Portals: Sponsors and Guests

4. Cisco ISE Profiler

  • Cisco ISE Profiler
  • Configuring Cisco ISE Profiling

5. Cisco ISE BYOD

  • Cisco ISE BYOD Process
  • BYOD Flow
  • Configuring My Devices Portal Settings
  • Configuring Certificates in BYOD Scenarios

6. Cisco ISE Endpoint Compliance Services

  • Endpoint Compliance
  • Configuring Client Posture Services and Provisioning in Cisco ISE

7. Cisco ISE with AMP and VPN-Based Services

  • VPN Access Using Cisco ISE
  • Configuring Cisco AMP for ISE

8. Cisco ISE Integrated Solutions with APIs

  • Location-Based Authorization
  • Cisco ISE 2.x pxGrid

9. Working with Network Access Devices

  • Configuring TACACS+ for Cisco ISE Device Administration

10. Cisco ISE Design

  • Designing and Deployment Best Practices
  • Performing Cisco ISE Installation and Configuration Best Practices
  • Deploying Failover and High-Availability

11. Configuring Third-Party NAD Support



Select Course Options