Hi,
Customer currently uses ASA to directly integrate with RSA kind of solution to provide 2 factor authentication mechanism for VPN user access. We're considering to introduce ISE to this picture, and to offload posture analysis from ASA to ISE. And the flow we're thinking is to have ASA interface to ISE and ISE interface to RSA and AD backend infrastructure. And we still need the 2 factor authentication to work, i.e., customer gets a SMS code in addition to its login username and password. I'm wondering if ASA/ISE/RSA/AD integrated solution (and with 2 factor authentication to work) is a tested solution or Cisco validate design? Any potential issue may break the flow?
Thanks in advance for any input!
Tina