EPS or Black Lists???

almazmazitov
Level 1

Hello All,

Question about Cisco ISE.

What is the difference between EPS and using a blacklist identity group?

In which case is it preferable to use EPS or blacklisting?

Best regards,

3 Replies

blenka
Level 3

http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_eps.html

EPS:

Endpoint Protection Services (EPS) is a service that runs on the Cisco Identity Services Engine Administration node to extend the monitoring and controlling of endpoints. You can use EPS to monitor and change the authorization state of an endpoint without having to modify the overall Authorization Policy of the system. EPS supports both wired and wireless deployments.

Blacklist:

The Cisco ISE administrator can now "blacklist" wireless user devices that get "lost," or otherwise become unusable or are taken out of circulation, until the device is reinstated or is completely removed from the network. Cisco ISE removes "blacklisted" devices from the network, and they are not allowed on the network again until the device is reinstated. In order to set up the authorization policy in Cisco ISE, you also must ensure you add a compatible dynamic ACL on any associated network access devices in your deployment to manage these wireless users.

aqjaved
Level 3

The Cisco ISE offers different ways to prevent a lost or stolen device from connecting to the network. The My Devices Portal allows the employee to mark a device as lost and prevent others from gaining unauthorized access with that device. In addition, if the device is connected to the network when the device is marked as lost, the ISE may issue a Change of Authorization (CoA) to force the endpoint off the network. The administrator is also able to blacklist a device and force the endpoint off the network. In addition, the administrator is able to use Endpoint Protection Services (EPS) to quarantine an endpoint from the network.

Please check the below guide, which may be helpful for you:

http://www.cisco.com/en/US/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/Managing_Lost_or_Stolen_Device.pdf