Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1183
Views
0
Helpful
1
Replies

Cisco ISE - Diff bet EasyConnect visibility mode and enforcement mode

muthumohan
Level 1
Level 1

‎01-14-2022 03:00 AM

Hello All,

I understand how EasyConnect works in general, but I am unable to fully understand the difference between Cisco ISE EasyConnect visibility mode and Enforcement mode.

As per Cisco SISE training,

For Visibility mode;

Authentication method is set to Easyconnect visibility and source is identity mapping-RADIUS

For Enforcement mode;

Authentication method is set to External Web Authentication (EWA) and source is identity mapping-RADIUS

I am not sure what the above two sentences mean. Any clarification on what these modes mean would be appreciated.

thank you,

Mohan

 

 

Labels:
0 Helpful
1 Reply 1

ericsmi
Level 1
Level 1

‎01-14-2022 09:32 AM

In EasyConnect Visibility Mode, we are just collecting the information about the session via AD and RADIUS-MAB. After the user has logged in there is no COA sent back to the NAD.

 

In EasyConnect Enforcement mode we will now pass a policy down to the NAD after ISE gets notified from AD and RADIUS-MAB about the login. ISE will use a COA to NAD and will pass a policy to the NAD for enforcement.

 

Eric Smith

CCSI

0 Helpful
Customers Also Viewed These Support Documents