Telecon Education and Services

Atendimento: (11) 3090-7651


Telecon Education and Services

Atendimento: (11) 3090-7651


Home > Cursos > SWISE - Implementing Cisco Identity Services Engine for Wireless Engineers

SWISE - Implementing Cisco Identity Services Engine for Wireless Engineers

Calendário de Implementing Cisco Identity Services Engine For Wireless Engineers

Dezembro Janeiro Fevereiro Março
As datas destacadas com a cor verde estão confirmadas

Objetivo

“Implementing Cisco Identity Services Engine para Engenheiros de rede sem fio (SWISE)” Este treinamento permitirá aos clientes finais e a rede autorizada de canais Cisco, entender os conceitos, a arquitetura e utilização do Cisco ISE com a rede sem fio. O foco é garantir que os alunos possam aplicar os principais recursos do ISE na integração com a rede sem fio. Os alunos já devem estar familiarizados com a configuração da Cisco WLC e AP.

Após a conclusão deste curso, o aluno será capaz de atender a esses objetivos gerais:
• Descrever os fatores de negócios, arquitetura, componentes e fatores de escalabilidade relacionados à implantação típica do Cisco ISE;
• Provisionar acesso seguro à rede configurando a combinação de AAA e opções comuns de CoA (Change Of Authorization);
• Configurar o serviço denominado de Profiling, seus componentes, opções e utilizar as melhores práticas;
• Provisionar uma solução de acesso para usuário convidado (Guests) e as diferentes opções que estão disponíveis;
• Descrever e implantar uma solução BYOD, com foco na configuração usando um único SSID;
• Integrar Cisco ISE com uma solução de MDM parceira;
• Usar as ferramentas do Cisco ISE para reunir informações úteis relacionadas as tendências históricas de acesso e para solucionar problemas (suporte).

Público Alvo

O público principal deste curso é composto por:
• Engenheiros de campo de Canal
• Engenheiros Consultores de rede Cisco
• Gerentes, engenheiros de suporte e administradores de rede do cliente final

Requisitos

Os conhecimentos e habilidades que o aluno deve ter antes de participar deste curso são os seguintes:
• Canais Cisco Advanced Wireless Specialized ou Gold Partner;
• Conhecimentos de 802.1X;
• Desejável conhecimentos em AD Microsoft ou LDAP;
• Certificação CCNA ou conhecimentos equivalentes;
• Desejável conhecimentos em RF (Rádio Frequência) com experiência de campo;
• Ter assistido os treinamentos IUWNE e/ou CWNS ou com conhecimentos equivalentes;
• Conhecimentos básicos em sistema operacional Windows.

Conteúdo

Introducing Cisco ISE
Describe the business drivers that are related to Cisco identity services solutions and the architecture, high-level design issues, and use cases surrounding these solutions.
• Describe the issues that corporations face in supporting new paradigms of network access and how Cisco ISE can ease these pressures and help resolve these issues
• Describe the Cisco ISE architecture and components
• Describe the different Cisco ISE nodes and personas
• Describe and compare the products that are used to run Cisco ISE
• Describe the different Cisco ISE deployment options
• Explain the Cisco ISE licensing options and considerations

Provisioning Secure Access
Describe Authentication, Authorization, and Accounting (AAA) concepts as they relate to Cisco Identity Services Engine (ISE). This lesson will discuss each component of AAA, explain how it relates to the Cisco ISE security solution, and provide information and examples for configuring these services on the Cisco ISE. Change of Authorization (CoA) will also be defined and various common options for leveraging this feature will be explained.
• Describe authentication services that are available to Cisco ISE
• Describe the process that Cisco ISE uses to validate credentials from different identity sources
• Configure authentication identity sources and policies
• Describe Cisco ISE authorization policies and their components
• Configure authorization components and policies
• Define and understand CoA and review common permission elements, including dACLs, named ACLs, VLANs, and SGT.

Configuring Profiling
Configure profiling processes, components, options, and best practices.
• Describe the functions and purpose of profiling on the Cisco ISE platform
• List the profiler probes and discuss the attributes that are associated with these probes
• Describe and configure profiler policies
• Configure profiling on the Cisco ISE platform
• Verify profiling operation on the Cisco ISE platform
• List the best practices for configuring profiling on the Cisco ISE platform

Providing Guest Access
Provision a guest user access solution and the different options that are available.
• Describe the concept of guest web access
• Configure the components of a CWA-based guest access solution including redirection for both wired and wireless access
• Describe guest accounts, roles, and data stores
• Define the functionality that is provided by the Cisco ISE portals that are used for guest access
• Configure support for guest reporting
• Discuss best practices as relates to Cisco ISE guest services


Implementing BYOD
Describe and implement a BYOD solution, with a focus on configuring BYOD using a single SSID.
• Define BYOD, explain the advantages of a Cisco BYOD solution, and describe BYOD components
• Describe common BYOD use cases and explain how they apply to various corporate security policy needs
• Describe BYOD deployment and configuration options
• Describe the BYOD flow and on-boarding process when a single SSID is used
• Implement an authentication policy for BYOD deployments
• Implement an authorization policy for BYOD deployments

Exploring MDM Integration
Integrate Cisco ISE with a partner MDM solution.
• Define the MDM integration process in Cisco ISE and add an MDM Server
• Define MDM supported attributes
• Examine an MDM configuration

Monitoring and Troubleshooting Cisco ISE Security Solutions
Use Cisco ISE tools to gather useful information related to historical trending and to troubleshoot.
• Use the Cisco ISE dashboard
• Navigate Cisco ISE alarm and logging features to assist in diagnosing problems
• Use the Live Authentications log feature of Cisco ISE
• Use the Global Search and Session Trace features of Cisco ISE
• Use the TCP Dump feature of Cisco ISE
• Use the Evaluate Configuration Validator tool

Appendix A: Introducing Posture Assessment
Describe posturing and typical posture configuration scenarios.
• Define posturing, describe its major components, and explain the posturing flow
• Explain typical posture example configurations to describe the configuration process
• Describe and configure posture system settings
• Describe posture policy logic and verify policy configuration

LABS
• Lab 1: Basic Authentication and Authorization
• Lab 2: Configuring and Validating Cisco ISE Profiling
• Lab 3: Configuring Cisco ISE Guest Services
• Lab 4: BYOD On-Boarding using a Single SSID
• Lab 5: Testing On-Boarding
• Lab 6: Monitoring and Troubleshooting Cisco ISE (Optional)

Carga Horária: 16 horas

Investimento: consulte