We are using ISE 2.1
I would like to create a new SSID called employee. When the employee authenticates, if we have identified that the device that the employee is using is owned by the company, we want to continue the authentication process and connect the user to the internal network.
If the employee is using a personal device, we want to detach them from the employee SSID and reauthenticate them to a different SSID connected to network which provides internet access, but is "outside" of the organization in terms of traffic flow.
I'm pretty sure ISE is capable of doing this, but I am not sure what the feature is I am looking for or how to configure. If anyone has an example config they can share that would be great!
Can anyone offer any insight?
Thanks.
Dave