
ISE_DAY_1:

SCOR:
Secure Network Access, Visibility, and Enforcement.

Actual ISE concept starts from CCNP Security.


Policy in security means Rules.
Any modification to the default properties is known as a Policy.

Brief idea about the ISE:


ISE->GUI based Device.
1st Authentication:Network Authentication.
2nd Authentication:Device Authentication.

Overall concept behind the ISE:


A-Authentication.
A-Authorization.
A-Accounting.

3 ways to access the network:


1).Wired cable.
2).Wireless.
3).VPN.
---------------------------------------------------------
E.g.: 100 devices in the network require:
Authentication: Username and Password.
Authorisation: Privilege Level [Privilege Level range: 0 to 15].
Accounting: Logged-in/out details and commands used by the User.

Manually note all the Usernames and Passwords along with their IP addresses in a
notebook.
Solution:
Configure ISE in a network with Usernames and Passwords and connect all the End
devices with the ISE.
Usernames and Passwords are registered with the ISE.
ISE acts as a Centralized server.
Configure Username and Password on each and every End device.

In ASA, Local keyword.
Local means Local Database [manual configuration] of the Router [configured Username
and Password].

Tools in the corporate:


Username remains same.
Passwords are changed on all the End devices by using the Tools in a fraction
of a second.

Laptop->Switch->Esxi server.

Two types of Databases:


1).Local Database of the End device[Router].
2).Remote Database of the End device[ISE[Centralised server]].

Syntax for ISE:


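! Assumes aaa new-model and an AAA method list named ISE that points at the ISE server
line vty 0 4
 login authentication ISE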

Network Authentication and Device Authentication both happen via the ISE.
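
Added example (not part of the original notes): an IOS configuration that contrasts the local database with ISE as the central AAA server over TACACS+, covering authentication, authorization and accounting on the vty lines. The server address 192.0.2.10, the names ISE-PSN and ISE-GROUP, the method-list name ISE and the bracketed secrets are placeholder assumptions.

```cisco
! --- Before: local database only, repeated on every device ---
! username admin privilege 15 secret <LOCAL-SECRET>
! line vty 0 4
!  login local
!
! --- After: ISE as the centralized AAA server (constructed values) ---
aaa new-model
!
! Local account kept only as a fallback if ISE is unreachable
username admin privilege 15 secret <LOCAL-FALLBACK-SECRET>
!
! The ISE node, reached over TACACS+ (device administration)
tacacs server ISE-PSN
 address ipv4 192.0.2.10
 key <SHARED-SECRET>
!
aaa group server tacacs+ ISE-GROUP
 server name ISE-PSN
!
! Authentication: username and password checked by ISE, then local
aaa authentication login ISE group ISE-GROUP local
!
! Authorization: privilege level (0 to 15) and per-command checks
aaa authorization exec ISE group ISE-GROUP local
aaa authorization commands 15 ISE group ISE-GROUP local
!
! Accounting: logged-in/out details and commands used by the user
aaa accounting exec ISE start-stop group ISE-GROUP
aaa accounting commands 15 ISE start-stop group ISE-GROUP
!
! Bind the method lists to the vty lines
line vty 0 4
 login authentication ISE
 authorization exec ISE
 authorization commands 15 ISE
 accounting exec ISE
 accounting commands 15 ISE
```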
---------------------------------------------------------
Example:
Proctor means Examiner.
Pod-1.
---------------------------------------------------------
ISE is used for the Network Management.
ISE is used for the Device Management.

Main[Core] Topics in ISE:


1).Device Administration [Protocols: TACACS+, RADIUS].
2).Network Administration [Protocols: MAB, dot1x Authentication].
3).BYOD [Bring Your Own Device] [Basic network access].
4).Web-Authentication [Authentication happens with the help of the browser].
5).Profiling.
6).Provisioning.
7).pxGrid [Integration protocol].
ISE integration with FTD.
-----------------Brief idea about ISE completed-----------

ISE requires only the following Knowledge:


No Routing protocol knowledge is required in ISE.
Only TCP and UDP knowledge is required.
TCP protocol no.
UDP protocol no.
Telnet port no.
HTTP port no.
HTTPS port no.
SSH port no.
---------------------------------------------------------
Only Router[LAN].

ISE versions:
ISE-1.X.
ISE-2.X.
According to our syllabus, ISE-2.4.
In corporate, ISE-2.6.
---------------------------------------------------------
In corporates/big networks,
Usernames and Passwords are configured in the AD server [Microsoft product]/LDAP.
---------------------------------------------------------
CCIE is the collection of all the security devices.
1.0 Perimeter Security and Intrusion Prevention [ASA, FTD, NGIPS].
2.0 Secure Connectivity and Segmentation [VPN].
3.0 Infrastructure Security [SNRS].
4.0 Identity Management, Information Exchange, and Access Control [ISE].
5.0 Advanced Threat Protection and Content Security [].
---------------------------------------------------------
Amit sir said that he requires 30 classes for the ISE to be completed.

Work on two types of Labs:


1).EVE-NG in the starting.
2).Esxi server.

Physical Access for the Esxi server:


90 GB RAM.
Requirement:
Terminal server-1.
Access point-1.
IP Phone-1.
3750 switch-1.
Physical Routers-2.
PC-1.

Amit sir takes 16 days to complete 8 classes.


---------------------------------------------------------
ISE_DAY_2:
