https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433244#M518544 <HTML><HEAD></HEAD><BODY><P>Thank you for the confirmation Jason!</P></BODY></HTML> Wed, 17 Jan 2018 21:37:27 GMT yohh 2018-01-17T21:37:27Z https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433242#M518542 <HTML><HEAD></HEAD><BODY><P>Hey Team,</P><P></P><P>For Androids or iPhone's, do we need Apex Licenses if we want an EMM to push the certificate to the endpoint only? The customer does not want to make ISE policies based on EMM/MDM registration - just EAP-TLS certificates.</P><P></P><P>Is it a requirement to have an EMM /MDM integration for this? Based on the info above, I think only Base licensing is needed but I would like some confirmation.</P><P></P><P>Thank you!</P></BODY></HTML> Wed, 17 Jan 2018 21:23:22 GMT https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433242#M518542 yohh 2018-01-17T21:23:22Z https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433243#M518543 <HTML><HEAD></HEAD><BODY><P>You’re correct, if the MDM onboards the device certificate and you don’t have any authorization policies to check for compliance or registration then all we requires is BASE to do the EAP-TLS authentication. You would simply need to trust the client certificates authenticating again ISE</P></BODY></HTML> Wed, 17 Jan 2018 21:35:22 GMT https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433243#M518543 Jason Kunst 2018-01-17T21:35:22Z https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433244#M518544 <HTML><HEAD></HEAD><BODY><P>Thank you for the confirmation Jason!</P></BODY></HTML> Wed, 17 Jan 2018 21:37:27 GMT https://community.cisco.com/t5/network-access-control/ise-licensing/m-p/3433244#M518544 yohh 2018-01-17T21:37:27Z