Cisco ISE in a multi-vendor environment

Kia Seng Ronald Tan · ‎01-30-2013

Hi all

Would like to seek your feedback on using Cisco ISE is a multi vendor environment. We would like to use ISE to do 802.1x auth, profile and posturing on wired and wireless.

The wired is a mixture of Cisco switches and Alcatel switches.
The wireless is on Aruba AP/WLC

Have anyone got any experience in such successful role out?

Sent from Cisco Technical Support iPad App

Akhtar Samo · ‎01-31-2013

This might help you out.

"Certain advanced use cases, such as those that involve posture assessment, profiling, and web authentication, are not consistently available with non-Cisco devices or may provide limited functionality, and are therefore not supported with non-Cisco devices. In addition, certain other advanced functions like central web authentication (CWA), Change of Authorization (CoA), Security Group Access, and downloadable ACLs, are only supported on Cisco devices.""

http://www.cisco.com/en/US/docs/security/ise/1.1.1/compatibility/ise_sdt.html

shekharmore003 · ‎02-22-2013

If you just want to authenticate endpoints through ISE, you can use non-cisco devices but if you want to use CoA, Posture etc. you have to use Inline posture node.

mojuneja · ‎03-06-2013

Other Vendors Wireless access points support 802.1x authentication, however they don’t support other features provided by Cisco ISE. So in order to support those features we have to use IPEP.

You can refer following link for better understanding.

http://www.cisco.com/en/US/docs/security/ise/1.0.4/user_guide/ise10_ipep_deploy.pdf

manjeets · ‎05-21-2013

review the below link:

.

http://www.cisco.com/en/US/docs/security/ise/1.0.4/user_guide/ise10_ipep_deploy.pdf