cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
ISE 2.3 Patch 7 has been posted. This will be the last patch for the ISE 2.3 release!
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

387
Views
0
Helpful
1
Replies
Cisco Employee

Dot1x Supplicants for Windows MAC OSX

Dears,

 

My Customer is seeking to enable Dot1x on Managed and Unmanaged devices (Windows and MAC OSX).In order to provide a secure access to Customer network, Supplicants should be provisioned to endpoints to support dot1x settings prior to implementation, However pushing these agents from ISE may fails as user should have administrative privilege.

 

Table 44: Supplicant – Supplicant Types TBD

Devices Type

OS

Authentication Supplicant

Posture Agent

 

 

Supplicant

Deployment

Agent

Deployment

Managed Devices for Employee

Windows

AnyConnect Network Access Manager

GPO

ISE-Posture Agent

GPO

MAC OS

MAC OS Native Supplicant

GPO

ISE-Posture Agent

GPO

Unmanaged Devices for Employee/Non-Employee

Windows

Windows Native Supplicant

Manual

ISE Temporal Agent

Manual

MAC OS

MAC OS Native Supplicant

Manual

ISE Temporal Agent

Manual

 

So what I am asking for are

  1. Dot1x configuration Docs for Native Supplicant on Windows 7, 8, 10
  2. Dot1x Configuration Docs for Native Supplicant on MAC OSX  Doc
  3. Related Docs to ISE Temporal Agents.
  4. Does MAC OSX can Join AD Domain ? how to check if MAC is already joined? From Windows I can check registry for domain, Does it applicable from MAC side?
  5. Any recommendations J .

 

Thanks again for your time and hope get your response ASAP.

1 REPLY 1
Cisco Employee

Re: Dot1x Supplicants for Windows MAC OSX

How does the customer expect to deploy macOS supplicants via GPO? I assume this really means MDM policy (such as jamf (formerly Casper suite)?

 

There are a slew of documents that exist (and books, in fact) on this topic. https://community.cisco.com/t5/security-documents/identity-services-engine-ise-community-resources/ta-p/3621621#Resources  for starters.

 

Aaron