The Configuring Cisco ISE Essentials for SD-Access (ISESDA) v1.0 is a 2-day instructor-led or virtual training course that shows you how to deploy the Cisco Identity Services Engine (ISE) to support the Software-Defined Access (SD-Access) solution within your enterprise networks. You will gain an understanding of how Cisco ISE is utlitized by the SD-Access solution to provide security policies across the organization. You will learn Cisco ISE fundamentals and get hands-on practice configuring ISE, policies, AAA client configuration, VPN access, integration, wireless guest access, and more.


Upon completion of this course, you should be able to:
  • Describe Cisco ISE policies and authentication and authorization process
  • Understand different AAA protocols
  • Understand how Cisco ISE fits into Cisco DNA Center architecture
  • Provide configuration examples of Cisco ISE and TrustSec solutions
  • Describe Cisco ISE integration with Cisco DNA Center and policy enforcement using Security Groups
  • Provide configuration examples for wired, wireless, and VPN network access
  • Understand how inline tagging and SGT Exchange Protocol (SXP) works


  • Cisco ISE Overview
    • Examining the Cisco Identity Services Engine
    • Examining AAA protocols
    • Examining Authentication
    • Integrating ISE with Active Directory
    • Examining Authorization
    • Exploring AAA Client Configuration
  • Cisco ISE Guest Access
    • Examining Guest Portal Types
    • Examining Guest User Types
    • Configuring Cisco ISE AAA Policy
  • Cisco ISE and SD-Access
    • Exploring Cisco SD-Access
    • Examining Cisco ISE for SD-Access
    • Examining SXP
Lab outline
  • Introduction to ISE and Active Directory (AD) Integration
  • Configuring ISE AAA Policies
  • Configuring AAA Clients and Verifying AAA Operations
  • Configuring Wireless Guest Access (Optional)
  • Configuring VPN Access

Prerequisite Knowledge

To fully benefit from this course, you should have the following knowledge and skills:
  • Understanding of network routing and switching principles equivalent to the Cisco CCNA certification level