Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
572
Views
0
Helpful
4
Replies

Ability to place BYOD endpoint in specific group during provisioning/onboarding

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎04-16-2019 05:22 PM

One of my customers needs to place different BYOD devices in different endpoint groups during the BYOD onboarding/provisioning. However, the BYOD portal does not offer this functionality. Instead, the portal is tied to a specific endpoint group where all of the onboarded devices get placed. With that said, the customer does have HTML developers on staff where they can potentially custom write a BYOD portal to include a drop-down list that includes all of the different endpoint groups. However, I wanted to check if such setup/scenario/solution would work and be supported before going that route.

Thank you in advance! 

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-16-2019 07:12 PM

Right now the only way is to have different portals for different groups and there is no way to control who uses what portal. Workaround here under sponsor attributes can be used

https://community.cisco.com/t5/security-documents/ise-byod/ta-p/3641689#toc-hId--632482566

But personally I would go route of rolling your own with the APIs
Http://cs.co/ise-api

Please get this http://cs.co/ise-feedback to the ise product managers internally use cs.co/ise-pm

View solution in original post

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to nspasov

‎04-16-2019 11:03 PM

There is no upload of any portals to interact with ise

Custom portal file uploads are just for basic html pages

You’d need to build on another server as we don’t allow cross site scripting access from use to itself on custom pages

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-16-2019 07:12 PM

Right now the only way is to have different portals for different groups and there is no way to control who uses what portal. Workaround here under sponsor attributes can be used

https://community.cisco.com/t5/security-documents/ise-byod/ta-p/3641689#toc-hId--632482566

But personally I would go route of rolling your own with the APIs
Http://cs.co/ise-api

Please get this http://cs.co/ise-feedback to the ise product managers internally use cs.co/ise-pm
0 Helpful

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎04-16-2019 07:44 PM

Thanks for the info Jason! I will provide the feedback to the PM-Community. 

Now just to confirm: Creating and uploading a custom HTML BYOD portal is not an option here?

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to nspasov

‎04-16-2019 11:03 PM

There is no upload of any portals to interact with ise

Custom portal file uploads are just for basic html pages

You’d need to build on another server as we don’t allow cross site scripting access from use to itself on custom pages
0 Helpful

Go to solution
gbekmezi
Level 5
Level 5
In response to Jason Kunst

‎04-17-2019 06:50 AM

Hey Jason. I don’t know if this is something that’s been discussed before, but I think it may be interesting for ISE to support multiple notification methods for different events. In this case I’m thinking it would be interesting if a BYOD portal would allow for web hooks upon successful registration. This would allow for this requested functionality to be implemented using a devops model. Otherwise, the user would have to do something more complicated. Possibilities include:

Listen for Syslog events
Iterate through endpoints at some interval and validate owner, AD group membership and endpoint group are correct.

I know we don’t discuss roadmaps in public forums, so you don’t have to respond to this :). Just thinking out loud.

George
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents