Replay:

Start with 7 free days of training.

Gain instant access to our entire IT training library, free for your first week.
Train anytime on your desktop, tablet, or mobile devices.

Implementing Cisco Secure Access Solutions

This Implementing Cisco Secure Access Solutions (SISAS) (300-208) video training course addresses the concepts and implementation of secure access using 802.1X and Cisco Identity Services Engine (ISE). Topics covered include certificates, MAC authentication Bypass (MAB), AnyConnect Network Access Manager (NAM), active directory integration, authentication and authorization policies, profiling, posturing, MACsec, TrustSec, Sponsor Portals, BYOD, and more....
This Implementing Cisco Secure Access Solutions (SISAS) (300-208) video training course addresses the concepts and implementation of secure access using 802.1X and Cisco Identity Services Engine (ISE). Topics covered include certificates, MAC authentication Bypass (MAB), AnyConnect Network Access Manager (NAM), active directory integration, authentication and authorization policies, profiling, posturing, MACsec, TrustSec, Sponsor Portals, BYOD, and more.

Recommended skills
  • CCNA Route/Switch and CCNA Security certification (or equivalent knowledge and skills)
  • Knowledge of Microsoft Windows
  • CCNA Security is a pre-requisite for the CCNP Security certification

Recommended equipment:
  • Switch
  • Windows AD
  • Identity Services Engine (ISE)
  • AnyConnect suite (NAM and profile editor)
  • 1 or more PCs to connect to switch

Related certifications:
  • CCNP Security. This course (SISAS exam # 300-208) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP© Security) certification

Related job functions:
  • Network engineer
  • Network technician
  • Network designer
  • Security analyst
  • Security auditor
  • Penetration tester
  • Security architect
  • Technical manager


The focus of this course is to assist you in learning how to implement and manage network access security using Cisco Identity Services Engine (ISE) and 802.1x solutions. The CCNA Wireless course is highly recommended as wireless access can be closely integrated with ISE.
 show less
1. Course Introduction (3 min)
2. ISE, ISE, Baby (24 min)
3. 802.1x Wired (40 min)
4. CA Certificates (19 min)
5. 802.1X MAB (27 min)
6. AnyConnect Supplicant (18 min)
7. ISE and AD (31 min)
8. Authorization Profiles (36 min)
9. Web-Based User Authentication (31 min)
10. What is Posture? (7 min)
11. Preparing ISE for NAC Provisioning (6 min)
12. Provisioning NAC agents from ISE (13 min)
13. Posture Compliance (13 min)
14. Profiling Endpoints (12 min)
15. What are MACsec and TrustSec? (6 min)
16. Implement TrustSec (10 min)
17. ISE Personas (4 min)
18. Sponsor Portal Concepts (5 min)
19. Implement an ISE Sponsor Portal (7 min)
20. BYOD (4 min)
21. Final Thoughts for SISAS (3 min)

Course Introduction

00:00:00

My name is Keith Barker, and on behalf of the entire CBT Nuggets family, I'd to welcome you to this course on Implementing Cisco Secure Access Solutions. Let's begin. It has been scientifically proven that it's pretty tough to get something out of a Nugget if you don't watch it, so one of the first orders of business is to schedule time so that you and I can go through these Nuggets together.

00:00:23

And one of the questions I get all the time is, how do I get really good, like in the top 5% or 10% of my field in some technology or some area? And one of the big secrets of that is making sure that you practice and do hands-on with virtually everything that we're learning.

00:00:37

And one of the best ways of doing that is to create a practice lab-- not your production network-- a practice lab where you can experiment and test and learn in a safe environment. So for this course, Implementing Cisco Secure Access Solutions-- or affectionately called SISAS, in putting a lab together you're going to want to have a copy of some flavor of Windows Server with Active Directory.

00:00:58

Because we can use Active Directory as a centralized repository for user accounts and group membership in implementing our access control on our networks. You're going to want to have a copy of ISE, the Identity Services Engine. And they do have evaluation copies of ISE as well.

00:01:12

So for example, if you've got the ISO for ISE-- and in this course using version 1.2-- because that is what the certification is based upon. And even as you and I talk, version 1.3 is out, but it's not an earth changing significant difference. And because the certification is based on 1.2, that's what I used in this course.

00:01:31

And to deploy ISE-- the Identity Services Engine-- in this course, I used VMware's workstation. You could also deploy that on an ESXi host or as part of vSphere-- if you have those environment available-- as well. You'll also want access to Cisco's AnyConnect suite.

00:01:46

And I call it a suite because it's more than just the AnyConnect VPN software. Also, AnyConnect has a thing called a Network Access Manager, which has an 802.1x supplicant that we could run on a computer. And it also includes several editors including a profile editor that will come in handy in managing and working with our profiles for the network access manager.

00:02:06

In your lab environment you'd also want a switch that supports 802.1x commands. And then you'll want one or more client PCs that you can practice and test with that are physically connected to that switch. So in the lab environment that you and I are going to be going through together in this course, these are the components that I'm using in my lab.

00:02:24

One other item I like to add is that CCNA Wireless is also a beneficial set of Nuggets because it focuses on secure access solutions for our wireless clients that may be coming in through an access point, which is managed by a wireless LAN controller. And the training regarding those specific aspects-- the wireless LAN controller and the access point-- those are covered in the CCNA Wireless course.

00:02:45

And on the CBT Nuggets website if you open up that course, you can see the individual Nuggets in that course and then pick and choose based on the titles and the descriptions of which Nuggets may be most relevant or important for you to view. And the reason I bring out the CCNA Wireless is that I'm not going to replicate any information that's currently in CCNA Wireless because it's already available on the CBT Nuggets website as a set of Nuggets that cover those topics.

00:03:08

I had a boatload of fun in creating and putting these Nuggets together as part of this course. And I'm super excited about going through it Nugget by Nugget with you. And as we go through this together, I'd like you to imagine that you and I are sitting side by side going through the content together.

00:03:22

Because as I recorded this, I did it through visualizing that you are sitting there right next to me and we're simply having a fantastic time together-- you and I going the content together. So I'm intentionally keeping this introduction very short so that you and I can jump right into the content and that starts in our very next Nugget.

ISE, ISE, Baby

802.1x Wired

CA Certificates

802.1X MAB

AnyConnect Supplicant

ISE and AD

Authorization Profiles

Web-Based User Authentication

What is Posture?

Preparing ISE for NAC Provisioning

Provisioning NAC agents from ISE

Posture Compliance

Profiling Endpoints

What are MACsec and TrustSec?

Implement TrustSec

ISE Personas

Sponsor Portal Concepts

Implement an ISE Sponsor Portal

BYOD

Final Thoughts for SISAS

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 6 hrs 21 videos

COURSE RATING

Training Features


Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Our iOS and Android mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Develop and maintain a study plan with one-to-one assistance from coaches.

Supplemental Files
Files/materials that supplement the video training.

Speed Control
Play videos at a faster or slower pace.

Bookmarks
Included in this course
Pick up where you left off watching a video.

Notes
Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Follow what the trainers are saying with ease.
Keith Barker
Nugget trainer since 2012