Course Outline
SISE: Implementing and Configuring Cisco Identity Services Engine v4.0
This is a 5 day, instructor led course.
In the Implementing and Configuring Cisco Identity Services Engine (SISE) course you will learn to deploy and use Cisco Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections.
This hands-on course provides you with the knowledge and skills to implement and apply Cisco ISE capabilities to support use cases for Zero Trust security posture. These use cases include tasks such as policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration.Implementing and Configuring Cisco Identity Services Engine (SISE) course teaches you to deploy and use Cisco® Identity Services Engine (ISE) v3.x, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections.
You will learn how to use Cisco ISE to:
• Develop and Implement SASE architecture
• Understand application of ISE capabilities towards development of a Zero Trust Approach
• Enable BYOD and guest access
• Centrally configure and manage posture, authentication and authorisation services in a single web-based GUI console
• Gain eading-edge career skills for high-demand job roles and responsibilities focused on enterprise security
This course also earns you 40 Continuing Education (CE) credits toward recertification
Upon successful completion of this course, the student will have the skills necessary to:
• Explain Cisco ISE deployment
• Describe Cisco ISE policy enforcement components
• Describe Cisco ISE policy configuration
• Troubleshoot Cisco ISE policy and third-party Network Access Device (NAD) support
• Configure guest access
• Configure hotspots and guest portals
• Describe the Cisco ISE profiler services
• Describe profiling best practices and reporting
• Configure a Cisco ISE BYOD solution
• Configure endpoint compliance
• Configure client posture services
• Configure Cisco ISE device administration
• Describe Cisco ISE TrustSec configurations
This course is recommended for individuals involved in the deployment and maintenance of a Cisco Identity Services Engine solution and delegates in the following job roles:
• Network security engineers
• ISE administrators
• Wireless network security engineers
• Cisco integrators and partners
To fully benefit from this course, you should have the following knowledge:
• Familiarity with the Cisco IOS® Software Command-Line Interface (CLI)
• Familiarity with Cisco AnyConnect® Secure Mobility Client
• Familiarity with Microsoft Windows operating systems
• Familiarity with 802.1X
Course Contents
Introducing Cisco ISE Architecture
Cisco ISE as a Network Access Policy Engine
Cisco ISE Use Cases
Cisco ISE Functions
Introducing Cisco ISE Deployment
Cisco ISE Deployment Models
Cisco ISE Licensing and Network Requirements
Cisco ISE Context Visibility Features
New Features in Cisco ISE 3.X
Configure Initial Cisco ISE Setup and System Certificate Usage
Introducing Cisco ISE Policy Enforcement Components
802.1X for Wired and Wireless Access
MAC Authentication Bypass for Wired and Wireless Access
Identity Management
Active Directory Identity Source
Additional Identity Sources
Certificate Services
Integrate Cisco ISE with Active Directory
Introducing Cisco ISE Policy Configuration
Cisco ISE Policy
Cisco ISE Authentication Rules
Cisco ISE Authorization Rules
Configure Cisco ISE Policy for MAB
Configure Cisco ISE Policy for 802.1X
Troubleshooting Cisco ISE Policy and Third-Party NAD Support
Cisco ISE Third-Party Network Access Device Support
Troubleshooting Cisco ISE Policy Configuration
Introducing Web Authentication and Guest Services
Web Access with Cisco ISE
Guest Access Components
Guest Access Settings
Configure Guest Access
Configuring Hotspots and Guest Portals
Sponsor and Guest Portals Configuration
Configure Hotspot and Self-Registered Guest Access
Configure Sponsor-Approved and Fully Sponsored Guest Access
Create Guest Reports
Introducing the Cisco ISE Profiler
ISE Profiler Overview
Cisco ISE Probes
Profiling Policy
Configure Profiling
Customize the Cisco ISE Profiling Configuration
Introducing Profiling Best Practices and Reporting
Profiling Best Practices
Create Cisco ISE Profiling Reports
Configuring Cisco ISE BYOD
Cisco ISE BYOD Solution Overview
Cisco ISE BYOD Flow
My Devices Portal Configuration
Certificate Configuration in BYOD Scenarios
Configure BYOD
Manage a Lost or Stolen BYOD Device
Introducing Cisco ISE Endpoint Compliance Services
Endpoint Compliance Services Overview
Configure Cisco ISE Compliance Services
Configuring Client Posture Services and Compliance
Client Posture Services and Provisioning Configuration
Configure Client Provisioning
Configure Posture Policies
Test and Monitor Compliance-Based Access
Working With Network Access Devices
Reviewing AAA
Cisco ISE TACACS+ Device Administration
Configuring TACACS+ Device Administration
TACACS+ Device Administration Guidelines and Best Practices
Migration from Cisco ACS to Cisco ISE
Configure Cisco ISE for Basic Device Administration
Configure Cisco ISE Command Authorization
Exploring Cisco TrustSec
Cisco TrustSec Overview
Cisco TrustSec Enhancements
Cisco TrustSec Configuration
Configure Cisco TrustSec
Lab Outline
Lab 1A: Installation and Basic Setup of Cisco ISE
Lab 1B: Verify Initial Cisco ISE Setup and System Certificate Usage
Lab 2: Integrate Cisco ISE with Active Directory
Lab 3: Configure Cisco ISE Policy for MAB
Lab 4: Configure Cisco ISE Policy for 802.1X
Lab 5: Configure Guest Access
Lab 6: Configure Hotspot and Self-Registered Guest Access
Lab 7: Configure Sponsor-Approved and Fully Sponsored Guest Access
Lab 8: Create Guest Reports
Lab 9: Configure Profiling
Lab 10: Customize the Cisco ISE Profiling Configuration
Lab 11: Create Cisco ISE Profiling Reports
Lab 12: Configure BYOD
Lab 13: Manage a Lost or Stolen BYOD Device
Lab 14: Configure Cisco ISE Compliance Services
Lab 15: Configure Client Provisioning
Lab 16: Configure Posture Policies
Lab 17: Test and Monitor Compliance-Based Access
Lab 18: Configure Cisco ISE for Basic Device Administration
Lab 19: Configure Cisco ISE Command Authorization
Lab 20: Configure Cisco TrustSec
We strongly recommend you attend this course before attempting the following exam.
Certification & Exam
This exam certifies your knowledge of Cisco Identify Services Engine, including architecture and deployment, policy enforcement, Web Auth and guest services, profiler, BYOD, endpoint compliance, and network access device administration.
After you pass 300-715 SISE:
• You earn the Cisco Certified Specialist – Security Identity Management Implementation certification.
• You will have satisfied the concentration exam requirement for the new CCNP Security certification. To complete CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.
This exam tests your knowledge of Cisco Identify Services Engine, including:
• Architecture and deployment
• Policy enforcement
• Web Auth and guest services
• Profiler
• BYOD
• Endpoint compliance
• Network access device administration
The Implementing and Configuring Cisco Identity Services Engine v1.0 (SISE 300-715) exam is a 90-minute exam associated with the CCNP Security, and Cisco Certified Specialist – Security Identity Management Implementation certifications. This exam tests a candidate’s knowledge of Cisco Identify Services Engine, including architecture and deployment, policy enforcement, Web Auth and guest services, profiler, BYOD, endpoint compliance, and network access device administration. The course, Implementing and Configuring Cisco Identity Services Engine, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
10%
1.0 Architecture and Deployment
1.1 Configure personas
1.2 Describe deployment options
25%
2.0 Policy Enforcement
2.1 Configure native AD and LDAP
2.2 Describe identity store options
• 2.2.a LDAP
• 2.2.b AD
• 2.2.c PKI
• 2.2.d OTP
• 2.2.e Smart Card
• 2.2.f Local
2.3 Configure wired/wireless 802.1X network access
2.4 Configure 802.1X phasing deployment
• 2.4.a Monitor mode
• 2.4.b Low impact
• 2.4.c Closed mode
2.5 Configure network access devices
2.6 Implement MAB
2.7 Configure Cisco TrustSec
2.8 Configure policies including authentication and authorization profiles
15%
3.0 Web Auth and Guest Services
3.1 Configure web authentication
3.2 Configure guest access services
3.3 Configure sponsor and guest portals
15%
4.0 Profiler
4.1 Implement profiler services
4.2 Implement probes
4.3 Implement CoA
4.4 Configure endpoint identity management
15%
5.0 BYOD
5.1 Describe Cisco BYOD functionality
• 5.1.a Use cases and requirements
• 5.1.b Solution components
• 5.1.c BYOD flow
5.2 Configure BYOD device on-boarding using internal CA with Cisco switches and Cisco wireless LAN controllers
5.3 Configure certificates for BYOD
5.4 Configure blacklist/whitelist
10%
6.0 Endpoint Compliance
6.1 Describe endpoint compliance, posture services, and client provisioning
6.2 Configure posture conditions and policy, and client provisioning
6.3 Configure the compliance module
6.4 Configure Cisco ISE posture agents and operational modes
6.5 Describe supplicant, supplicant options, authenticator, and server
10%
7.0 Network Access Device Administration
7.1 Compare AAA protocols
7.2 Configure TACACS+ device administration and command authorization
Price per delegate
Please call us on 0141 221 5676, or email info@indiciatraining.com to discuss course prices.
Scheduled Classes
Remote Access:
13 – 17 Apr 2026
15 – 19 Jun 2026
17 – 21 Aug 2026
19 – 23 Oct 2026
Please complete the contact form below or call 0141 221 5676 for further course information and available dates.
Alternatively you can email us at info@indiciatraining.com
