Advanced Access Control with Cisco ISE for CCNP Security (300-208) SISAS

This course builds and expands on the Introduction to Cisco ISE for CCNP Security (300-208) SISAS course by helping you progress towards CCNP Security, while teaching you the ins and outs of Advanced Authorization with Cisco ISE.
Course info
Level
Intermediate
Updated
Dec 14, 2016
Duration
2h 36m
Table of contents
Description
Course info
Level
Intermediate
Updated
Dec 14, 2016
Duration
2h 36m
Description

The CCNP Security is a highly recognized industry certification and Cisco ISE is one of the most widely deployed Identity management solutions. In this course, Advanced Access Control with Cisco ISE for CCNP Security (300-208) SISAS, you'll first learn how to configure certificate-based authentication with EAP-TLS. Next you'll learn about advanced authentication methods with downloadable ACLs. Finally, you'll learn about Security Group Access, and MacSec. This course prepares you for a portion of the material found on the 300-208 SISAS exam. By the end of this course, you'll be one step closer to being prepared to take the SISAS exam.

About the author
About the author

Brandon is a CCIE (Security, #23837), Cisco Press author, and has over 13 years experience as a Cisco Instructor.

More from the author
VPN Fundamentals for CCNP® Security
Intermediate
1h 52m
12 Feb 2018
ISE BYOD for CCNP Security (300-208) SISAS
Intermediate
2h 8m
8 Nov 2017
More courses by Brandon Carroll
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Brandon Carroll, and welcome to my course, Advanced Access Control with Cisco ISE for CCNP Security SISAS. I am CCIE number 23837 and a consulting system engineer at GlobalConfig. net. The CCNP Security is a highly recognized industry certification, and Cisco ISE is one of the most widely deployed identity management solutions. This course packs a one-two punch as it helps you to progress towards CCNP security, while teaching you the ins and outs of advanced authorization with Cisco ISE. In this course we're going to start out looking at certificate-based authentication with Cisco ISE using EAP-TLS. After that we'll turn our attention to the authorization side of things with downloadable ACLs, secure group tagging, and MACsec. Some of the major topics that we'll cover include, the detailed process of ISE authentication and a configuration of certificate-based authentication with EAP-TLS, the detailed process of ISE authorization and the configuration of authorization profiles using downloadable ACLs, and a detailed walkthrough of security group access and MACsec. By the end of this course, you'll know how to deploy authentication and authorization services using Cisco ISE. Before beginning this course, you should be familiar with basic switch and router configurations and have an understanding equivalent to the CCNA-level topics. I hope you'll join me on this journey to learn how to configure and control network-based authentication and authorization with the Advanced Access Control with Cisco ISE for CCNP Security SISAS course, here at Pluralsight.

Certificate Based Authentication with EAP-TLS
Well hi there everyone, and welcome to Certificate Based Authentication with EAP-TLS. As we go through this module on certificate-based authentication, we're going to start out by looking at what needs to happen to make all of this stuff come together. We're going to go through the five-step PKI enrollment process and then talk about how to verify PKI enrollment. Then we're going to take a look at ISE authentication at a high level, we'll talk about the process that ISE goes through, and then we'll dig down a little bit into some of the policy elements. After we've done that we're going to look at the authentication conditions and we'll see some options that we have there. That's going to be followed by a demonstration on how to verify our certificates that are installed on Cisco ISE. Then we'll get into an overview of EAP-TLS, that bi-directional authentication where both sides are going to use certificates, and after that we're going to get into an EAP-TLS configuration in the lab.