Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
397
Views
10
Helpful
2
Replies

Cisco ISE Cert spoof or transfer.

sixthreecisco
Level 4
Level 4

‎07-08-2015 09:01 AM - edited ‎03-10-2019 10:53 PM

I have a question about Cisco ISE and Certs.  Let's say I am using ISE and 802.1x and certs.  If a hacker or unauthorized user was able to spoof the MAC of an authorized machine, and was also able to transfer the ISE cert from the authorized machine to the machine that is spoofing the MAC, would the hacker's machine then be authorized?

Labels:
0 Helpful
2 Replies 2

jan.nielsen
Level 7
Level 7

‎07-09-2015 07:59 AM

Yes, they would need the private key of the machines certificate though, and they would not need to spoof anything, but just use the cert to do an actual authentication with it. But this is not really anthing to do with ISE, but just basic 802.1x

nspasov
Cisco Employee
Cisco Employee
In response to jan.nielsen

‎07-11-2015 07:50 PM

Jan is absolutely correct (+5). You can even set the private key to "non exportable" but with the proper tools you can still extract it. 

This is why TEAP is the way to go. I just wish Microsoft would wake up and realize this :)

Thank you for rating helpful posts!
Customers Also Viewed These Support Documents