Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
884
Views
1
Helpful
1
Replies

ANC differences ISE 2.0 ISE 2.1

Go to solution
MarkoT
Cisco Employee
Cisco Employee

‎10-24-2016 04:14 AM

Hi everyone,

in ISE 2.0 we had more ANC actions than in ISE 2.1 :

In 2.0 we had :

     Quarantine, Remediate, Provisioning, Shut_Down, Port_Bounce

In 2.1 we have :

     Quarantine, Shut_Down, Port_Bounce

A client wants to implement the ISE so as to enable the Helpdesk to override te authorizatin in some cases ( VIP user has Authz problem for instance, so Helpdesk needs to authorize access manually ). My understanding is the ANC was made exactly to handle situations like this, yet it seems that we are missing the actions needed to have this kind of flexibility in 2.1

Can someone suggest a solution to have this kind of Helpdesk access to ISE ?

How do we solve this category of problems ?

Best regards,

Marko Tanaskovic

1 Accepted Solution

Accepted Solutions

Go to solution
Craig Hyps
Level 10
Level 10

‎10-24-2016 08:45 AM

You can use ANC to assign a policy which will trigger a CoA and grant authorization based on that ANC policy.  It sounds like that is what you want to achieve with ANC 2.0 and is possible in ISE 2.1.  The authorization assigned to ANC policy can be used to grant or restrict access.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Craig Hyps
Level 10
Level 10

‎10-24-2016 08:45 AM

You can use ANC to assign a policy which will trigger a CoA and grant authorization based on that ANC policy.  It sounds like that is what you want to achieve with ANC 2.0 and is possible in ISE 2.1.  The authorization assigned to ANC policy can be used to grant or restrict access.

0 Helpful
Customers Also Viewed These Support Documents