Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

EPS or Black Lists???

Hello All,

Question about Cisco ISE.

What a difference between EPS and using blacklist indentity group?

In which case it preferable to use EPS or Blacklisting?

Best regards,

Everyone's tags (2)
3 REPLIES
New Member

EPS or Black Lists???

http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_eps.html

EPS:

Endpoint Protection Services (EPS) is a service  that runs on the Cisco Identity Services Engine Administration node to  extend the monitoring and controlling of endpoints. You can use EPS to  monitor and change the authorization state of an endpoint without having  to modify the overall Authorization Policy of the system. EPS supports  both wired and wireless deployments.

Blacklist :

The Cisco ISE administrator can now  "blacklist" wireless user devices that get "lost," or otherwise become  unusable or are taken out of circulation, until the device is reinstated  or is completely removed from the network. Cisco ISE removes  "blacklisted" devices from the network, and they are not allowed on the  network again until the device is reinstated. In order to set up the  authorization policy in Cisco ISE, you also must ensure you add a  compatible dynamic ACL on any associated network access devices in your  deployment to manage these wireless users.

Bronze

EPS or Black Lists???

The Cisco ISE offers different ways to prevent a lost or stolen device from connecting to the network. The My Devices Portal allows the employee to mark a device as lost and prevent others from gaining unauthorized access with that device. In addition, if the device is connected to the network when the device is marked as lost, the ISE may issue a Change of Authorization (CoA) to force the endpoint off the network. The administrator is also able to blacklist a device and force the endpoint off the network. In addition, the administrator is able to use Endpoint Protection Services (EPS) to quarantine an endpoint from the network

Please check the below guide which may be helpful for you

http://www.cisco.com/en/US/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/Managing_Lost_or_Stolen_Device.pdf

301
Views
0
Helpful
3
Replies
CreatePlease to create content