Hello. This is Rick Williams.

In this recording I'll be providing an overview of

the lab environment I'll be utilizing in the series that goes over the labs
accomplished within Cisco's SISE class, Implementing and Configuring Cisco Identity
Services Engine.
The SISE class and its associated hands-on labs cover the principal capabilities of
ISE including its functions as a RADIUS server, its ability to integrate with
network access devices to provide port-level authentication over 802.1x and MAB,
also provides a demonstration of centralized web authentication capabilities, and
demonstrates its ability to integrate with identity sources such as Active
Directory and LDAP, among other things.
The class also covers principle features of ISE, including Guest Access Services;
ISE Profiler; BYOD, or Bring Your Own Device; also demonstrates compliance, also
known as posturing, and device administration over TACACS+, it's ability to act as
a TACACS server.
As we're looking at the lab diagram here, we can see in the center, starting off, a
device, a switch labeled 3k-Access. The switch itself is providing multiple
functions within the lab, including routing and segmentation, as we can easily see
here. And then ultimately we'll utilize it as a wired network access device, a
RADIUS client in conjunction with ISE, and it will provide the platform to
demonstrate all wired endpoint access within the lab, primarily the PCs that we see
listed there.
Over to the right, here we see the ISE. ISE-1 as a single node. It's initially set
up in a standalone deployment, but we'll break that up into pieces so we can check
out the modularity capabilities of ISE. It's running the latest version, ISE 2.6,
and currently licensed in demo mode, which allows a demonstration of all the
principle features of ISE.
Then immediately to the right there we see AD1, which will provide ultimate
integration with-- AD1 will be an Active Directory join point with ISE, and we'll
be able to authenticate using the user objects and groups within Active Directory
and demonstrate those capabilities over all integration. The AD server also is
providing basic functions for the lab itself, such as DNS and DHCP Multipurpose.
Then down here, lower left, we see the wireless environment, a virtualized WLAN
controller and a physical access point providing wireless network access to a
device. Again, from the perspective of ISE, the WLC will be a RADIUS peer and will
provide all the wireless access testing wireless endpoints, principally the iPad
that we see over on the far right there.
And then immediately to the right of the WLAN controller there is a Guest PC. The
Guest PC is, just as it says, indicating and providing the demonstrations for guest
type access. Principle thing that makes this different from the other PCs is that
it's not a domain member.
Then, as we get more into the inside of the environment, we see the Corp PC. The
Corp PC is a domain member, and we'll be demonstrating all the port-level
authentication capabilities using the Windows native 802.1x supplicant and
demonstrating how Active Directory provides capabilities in conjunction with ISE to
provide endpoint level services and authorization.
Then our principle device that we'll be working with, labeled the Admin PC, not a
domain member but used as a jump box, jump off point to provide administration a
browser-based and SSH-based based administration for the devices within the lab.
And then also provides a physical USB connection to a physical iPad within the
environment. The iPad will be our wireless endpoint, and also we'll demonstrate
capabilities of doing many of the labs on a wireless tablet-based device.