Cisco ISE Traning

StaunchyStaunchy Member Posts: 180
Hi,

Have anyone here attended the the cisco training course "Implementing and Configuring Cisco Identity Services Engine" and wrote the exam 500-254?

I have been working a bit on Aruba ClearPass but never touched ISE so I'm excited to see how ISE compares to ClearPass.
2016 Goals: CCNP R&S, CCNA Security, CCNP Security
LinkedIn

Comments

  • BuhRockBuhRock Member Posts: 71 ■■□□□□□□□□
    I took the Global Knowledge course. I sat for the exam shortly after. I suggest using cbt nuggets video along with the course. The simlets on the test are pretty easy though. You will def be able to do those with ease after the bootcamp.
  • IristheangelIristheangel Mod Posts: 4,133 Mod
    I took the class and passed the exam. Pretty easy stuff but I felt the exam and content wasn't super great tbh. I got more out of reading and labbing on my own than I ever did with that class.

    As far as how ISE stacks up with Clearpass, I'm a bit bias so I'll just put that out of the way but I love ISE over Clearpass. This is coming from someone who went through the nightmare of ISE 1.1 and now madly loves ISE 2.0. Like Clearpass, it integrates with third-party MDM solutions and has TACACS+ and provides that same intelligence just like Clearpass. I don't think Clearpass supports EAP-chaining yet from my understanding but it's been awhile since I used it.

    They also didn't support custom profiles back when I used it.So if Clearpass didn't have a profile already for the device (i.e. non-dot1x cheap ass CCTV camera some random site buys and plugs in), we would have been stuck doing basic MAC whitelisting which wasn't a very secure solution in our minds


    ISE also has some cool integrations. I've been labbing and documenting Pxgrid lately which is pretty badass. I can basically have ISE sharing information with a Pxgrid Client (Lancope, Checkpoint Firewalls, Splunk, WSA, etc)and depending on the functionality of the Pxgrid client, you can also add quarantining into the mix i.e. I can create a correlation policy on my firewall to send a message to ISE to quarantine an endpoint if a certain policy is triggered (i.e. verified threat, impact 1 intrusion event, malware detected, etc)as well as create an unquarantine condition to do the exact opposite. With Splunk, you can pretty much have all that information gathered from ISE and do the same thing from the Splunk console and Lancope as well. The ISE ecosystem on what it can integrate with is pretty large and getting larger: Partner Ecosystem - Security - Cisco
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
Sign In or Register to comment.