I am currently in the planning stages for implementing a corporate network, comprising two logical networks with separate domains, all within the same physical infrastructure.
One of these networks will be air-gapped from the public network, while the other will have controlled public access.
My challenge lies in implementing DNAC & ISE to enable automatic domain selection and endpoint provisioning based on the username, including VDIs.
Additionally, we aim to secure VDI users with data leak prevention and security measures.
I kindly request your valuable inputs for designing the network.