Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISE and Kindle/Nook Devices

I was wondering if anyone had written any custom policy elements and profiling policies for Kindle and or Nook devices. We have a large quantity of users who are wanting to bring these devices in.

We are on ISE 1.1.4 with all patches installed. I looked through all of the pre-configured policy elements / policies and couldn't find any for these types of devices.

If anyone is on ISE 1.2, does it have policies already for these devices?               

Cisco Employee

Re: ISE and Kindle/Nook Devices

I don't think these devices are supported by Cisco ISE. Please see the attached compatibility matrix list.

New Member

Re: ISE and Kindle/Nook Devices

Well, it may not be compatible with their pre-configured rules. I was mainly asking if anyone had written any of their own custom rules and policy elements before I went and did so. Obviously, nobody has. So, I went under:

Policy -->Policy Elements-->Conditions-->Profiling

I then created one new condition called Kindle-Check1.

Type - DHCP

Attribute Name - host-name

Operator - CONTAINS

Attribute-Value - kindle

I then went to Policy -->Profiling-->Profiling Policies

I added one that used the condition above. As soon as I did close to 75 devices got profiled as Kindle devices and were allowed on the network.

So it works, you just have to create a custom condition and rule for it. It might not be perfect, given that users can change the host name of the device. Kindle Fire's are totally different in the sense that they run Android. Some get profiled as android, but the ones that don't are now getting profiled as Kindle devices.

CreatePlease to create content