A good startingpoint / overview for Cisco ISE?

Started by dlots, November 20, 2015, 03:49:26 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

dlots

November 20, 2015, 03:49:26 PM
We are wanting to do per-user ACLs on our VPN, and it's looking like downloadable ACLs aren't going to scale well enough to really be usable.  I haven't ever really used a NAC or anything like that, but ISE looks like it should work.  Anyone know a good starting point?  I think I can do this without any software on the device it self unlike a normal NAC though.

wintermute000

#1
November 20, 2015, 05:06:12 PM
I haven't read it myself but this looks like where I'd start

http://www.ciscopress.com/store/ccnp-security-sisas-300-208-official-cert-guide-9781587144264

I'm getting sent on ISE training in March. Not sure whether to be happy or sad LOL

Netwörkheäd

#2
November 20, 2015, 09:49:22 PM
ISE does its thing with 802.1X. Forescout CounterACT does its thing with either 802.1X or straight CLI or SNMP commands. Both can do per-user ACLs, but it may scale better to use group ACLs. Talk about your requirements some more...

Sent from my SM-N900P using Tapatalk

Let's not argue. Let's network!
Print
Go Up Pages1
User actions