I have ipad and authenticate from ISE. In our company someone is hacker and have the same model of ipad and put my ipad mac address in his ipad. Can he connect to network?? He also know the username and password.How ISE identify the hacker ipad? i
Yes he can access the network, moreover, if BYOD is supported , he can easily register any device using your AD credentials. One scenario, where he cant use that device is when devices with certificates installed manually ( no SCEP ). Then the device he would be carrying shouldnot be having certificate installed using your AD.
If the username and password are known then you are going to have bigger issues to worry about :) The iPad MAC address will not matter unless you are only using the MAC addrss to autenticate to the network. Even Profiling is not guaranteed to protect you against MAC spoofing.
A better way to protect your network is to use PKI (EAP-TLS autnentication)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...