02-26-2013 01:06 PM
I've done several ISE deployments with good results, but there is one environment where ISE is needed but not (yet) suitable:VDI. I have several customers who are extensivley virtualized for the desktop environment (80% or more) and who would benefit from user-based differentiated network access. For instance, Call Center users have no need to access Accounting resources. I understand where VSG fits in this picture, but that gives you VM to VM access-control. I am looking for user-based authorization. The guest VM's support 802.1x via their native suplicants.
This missing piece for this to work is 802.1x COA in Nexus 1000v, which is not available. I have not found a way around this lack. If anyone has a sugestion for implementing user authorization in a VDI environment, I would appreciate the input. Failing that, is 802.1x support in the 1000v on the roadmap?
I see that the 1000v now support SGT's. But without user authorization to assign them, this is pretty much useless.
09-11-2013 01:12 AM
I would also require this.
11-09-2013 07:47 PM
Might be very cool if you could do the MAB for server provisioning and not even security. The full solution with 802.1 X could still be done for the VDI with BYOD. I think it would awesome to see the product have the feature too. Good call out.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide