cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

5199
Views
1
Helpful
4
Replies
Highlighted
Beginner

Airwatch MDM integration with ISE

Any one know where I could find current documentation on integrating ISE and Airwatch? The only one I have found is from 2012.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Hi Thomas,

I understand that certain documents are old. We are constantly refreshing the docs.

Here is a section where you should see the design docs.

ISE Design & Integration Guides

Thanks

Krishnan

View solution in original post

4 REPLIES 4
Highlighted
Cisco Employee

Hi Thomas,

I understand that certain documents are old. We are constantly refreshing the docs.

Here is a section where you should see the design docs.

ISE Design & Integration Guides

Thanks

Krishnan

View solution in original post

Highlighted

Dear all,

Do we have a newer version of integration guide with Airwatch, the above link to ISE Design & Integration Guides does not have any information, and the one in https://www.cisco.com/en/US/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/AirWatchISE.pdf is dated 2013.

Our customer would also like to know about how to identify and allow only corporate Android devices without using certificate due to lock screen issue Disabling Android Lock Screen - SecureW2.

Other than MDM approach, is there any easier approach?

Tommy

Highlighted

Please reach out to airwatch for updated docs on their side since ours hasn’t changed much.

If you’re not using MDM or certs to separate the types of devices then I would think you could build an endpoint group with all the corporate device MAC addresses.

There might be other ways as well perhaps profiling on a sort of hardware that corporate has purchased but then you risk the case if someone has one as a personal device as well?

Highlighted

Adding to Jason's. Custom attributes for endpoints are available since ISE 2.1 and we may also use a specific set of users, nice long passwords, and different SSID, etc.

Android lock screen is a security feature and it's good for handsets. If your use case is kiosk or the like, you should probably consider a different client OS or propose to Google Android team to make it optional.

Content for Community-Ad