Choose one of the topics below for resources to help you on your journey with ISE
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.
I know we can control the number of sessions per user
Is there a way to alert if a user attempts more then one login, while policy permits multiple logins?
This would be ISE 2.3
Maybe Stealthwatch integration
This was introduced in ISE 2.3. Go to Administration > System > Settings > Max Sessions.
You can choose to enforce Maximum session based upon user, group
This applies to Internal ISE Users and groups only. Also the enforcement is the max PER POLICY NODE. Here's the page in the Admin Guide:
There is no alarm to alert the same user logging more than once.
Like Charles and Ognyan said, ISE 2.2+ has max sessions to limit per user, which applies to external users as well, and per internal-user-group. These settings are per PSN, unlike the guest max sessions, which are per deployment.
That is correct. This is mainly used for RADIUS authentications.
It's not working well for T+, due to some existing bug, such as CSCvg26552.
I have not tested it with certificates myself but am expecting it working with the username/subject based on the cert auth profile(s).
Sure, we are looking into multiple PSN. Please discuss your use cases and customer requirements with our PM.