Implementing and Configuring Cisco Identity Services Engine (SISE)

Introduction:

Is your network access policy protecting your data—or blocking your users?

Up to 70% of organizations say they lack full visibility into who’s accessing their systems—opening the door to both security risks and productivity gaps. The Implementing and Configuring Cisco Identity Services Engine (SISE) Training Course gives you the skills to fix that. You’ll learn to deploy Cisco ISE v3.x and enforce identity-based policies across wired, wireless, and VPN networks. Through expert instruction and hands-on labs, you’ll configure guest portals, BYOD onboarding, device profiling, posture checks, and TrustSec controls.

This course also prepares you for the SISE v4.0 certification exam, helping you validate your expertise in Cisco ISE deployment, configuration, and troubleshooting as part of a Zero Trust strategy.

Objectives:

Describe the Cisco Identity Services Engine (ISE)
Explain Cisco ISE deployment
Describe Cisco ISE policy enforcement components
Describe Cisco ISE policy configuration
Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
Configure guest access
Configure hotspots and guest portals
Describe the Cisco ISE profiler services
Describe profiling best practices and reporting
Configure a Cisco ISE BYOD solution
Configure endpoint compliance
Configure client posture services
Configure Cisco ISE device administration
Describe Cisco ISE TrustSec configurations

Course Outline:

Cisco ISE Architecture Overview

  • Understand the role of Cisco ISE in enterprise security
  • Review core components and capabilities of the ISE platform
  • Explore identity-based access control models and policy logic

Deploying Cisco ISE

  • Plan and configure initial Cisco ISE deployment
  • Navigate licensing options and scalability considerations
  • Integrate ISE with existing network infrastructure

Policy Enforcement Components in Cisco ISE

  • Identify key elements involved in access policy enforcement
  • Map out authentication, authorization, and accounting flows
  • Understand the role of RADIUS, profiling, and posture in policy logic

Configuring Access Policies in Cisco ISE

  • Create authentication and authorization policy sets
  • Define rule conditions using identity, posture, and device data
  • Streamline policy design using reusable objects and templates

Troubleshooting Policies and Third-Party NADs

  • Use system logs and diagnostics to troubleshoot policy issues
  • Resolve authentication failures and access denials
  • Support and integrate non-Cisco network access devices

Web Authentication and Guest Services

  • Design guest access flows using self-registration and sponsorship
  • Configure web authentication portals and captive portals
  • Customize branding, login options, and user notifications

Configuring Hotspots and Guest Portals

  • Implement hotspot access with limited credentials
  • Set up guest user onboarding workflows
  • Monitor guest activity and configure expiration policies

Understanding Cisco ISE Profiling Services

  • Identify devices using profiling probes and attributes
  • Classify endpoints dynamically based on network behavior
  • Use profiling policies to automate access decisions

Profiling Best Practices and Reporting

  • Optimize profiling configurations for accuracy
  • Generate endpoint and profiling reports
  • Monitor endpoint behavior trends and anomalies

Configuring Cisco ISE for BYOD

  • Enable onboarding for personal and unmanaged devices
  • Define BYOD workflows including certificate provisioning
  • Ensure secure access and policy enforcement for BYOD users

Endpoint Compliance Services in Cisco ISE

  • Evaluate endpoint posture using predefined checks
  • Integrate compliance posture with access decisions
  • Remediate non-compliant devices automatically

Client Posture Services and Compliance Enforcement

  • Set up posture agents and condition checks
  • Enforce antivirus, firewall, and OS version compliance
  • Apply policies based on client health status

Working with Network Access Devices

  • Connect and manage switches, wireless controllers, and VPNs
  • Use ISE to control access at the network edge
  • Validate NAD configurations and manage updates

Exploring Cisco TrustSec

  • Understand TrustSec components and security group tags (SGTs)
  • Configure scalable group access policies
  • Segment network access using TrustSec for secure zones

Enroll in this course

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

USD United States (US) dollar