Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Cisco ISE

Hello everyone.

I have such situation. I got specification for new project from last engineer who quit. And there is such system as Cisco ISE. I dont know what is it( And now my boss wants to know do we need to buy it or can we just setup our new network without it. Can any explain shorty what is it and can we set our network without it.

  • WAN Routing and Switching
Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Cisco ISE

Depends on how secure you want your network.

For example it can be used to prevent unauthorised users from plugging their laptop into a data outlet and getting a valid IP. They can launch DDOS attacks or sniff packets etc etc.

Can also check the virus signature file on a PC. If it is not update it will put that PC is a quarantine VLAN and upgrade the software. Once completed it will then allow the PC to connect to the network.

4 REPLIES
Hall of Fame Super Gold

Cisco ISE

What is the exact part number ?

Cisco ISE

ISE-3315-K9

Re: Cisco ISE

Depends on how secure you want your network.

For example it can be used to prevent unauthorised users from plugging their laptop into a data outlet and getting a valid IP. They can launch DDOS attacks or sniff packets etc etc.

Can also check the virus signature file on a PC. If it is not update it will put that PC is a quarantine VLAN and upgrade the software. Once completed it will then allow the PC to connect to the network.

Cisco Employee

Cisco ISE

Hi Volodymyr,

Cisco  Identity Services Engine (Cisco ISE) is a next-generation identity and  access control policy platform that enables enterprises to enforce  compliance, enhance infrastructure security, and streamline their  service operations. The unique architecture of Cisco ISE allows  enterprises to gather real-time contextual information from networks,  users, and devices. The administrator can then use that information to  make proactive governance decisions by tying identity to various network  elements including access switches, wireless LAN controllers (WLCs), Virtual Private Network (VPN) gateways, and data center switches. Cisco ISE is a key component of the Cisco Security Group Access solution.

Cisco ISE is a consolidated policy-based access control system that  incorporates a superset of features available in existing Cisco policy  platforms. Cisco ISE performs the following functions:

Combines authentication, authorization, accounting (AAA), posture, and profiler into one appliance

Provides for comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators, or both

Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments

Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network

Enables consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed

Employs advanced enforcement capabilities including Security Group Access (SGA) through the use of Security Group Tags (SGTs) and Security Group Access Control Lists (SGACLs)

Supports scalability to support a number of deployment scenarios from small office to large enterprise environments

For further information you can check the below link,

http://www.cisco.com/en/US/docs/security/ise/1.2/user_guide/ise_user_guide.html

192
Views
0
Helpful
4
Replies