Solved: EPS use case

zmainedsnz · ‎05-13-2013

I never truely understand what the feature of EPS in ISE is and I can't seem to find lot of information on that. Just by reading the user guide it seems to be fairly similar to Posture.

Could anyone give a real world use case or comparison with Posture?

Tarik Admani · ‎05-13-2013

Hi,

EPS is a way to contain or control users based on their ip address. A good example would be if your IPS ever detected an anamoly from a client with in your network. You can go over to the EPS and quarantine the user based on the ip reported by your IPS. You will need to build a quarantine authorization profile for this to come in full circle.

It does not have to be limited to posturing, you can use it to disconnect or push a dACL to a switch port if your design supports this.

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Tarik Admani · ‎05-13-2013

Hi,

EPS is a way to contain or control users based on their ip address. A good example would be if your IPS ever detected an anamoly from a client with in your network. You can go over to the EPS and quarantine the user based on the ip reported by your IPS. You will need to build a quarantine authorization profile for this to come in full circle.

It does not have to be limited to posturing, you can use it to disconnect or push a dACL to a switch port if your design supports this.

Thanks,

Tarik Admani
*Please rate helpful posts*

zmainedsnz · ‎05-14-2013

Thanks Tarik.

Jatin Katyal · ‎05-14-2013

Further to Tarik's post, Just wanted to add a link in case you are intrested to read more about Endpoint Protection Services

http://www.cisco.com/en/US/docs/security/ise/1.1.1/user_guide/ise_eps.html#wp1219717

Jatin Katyal

- Do rate helpful posts -

~Jatin