Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1891
Views
0
Helpful
5
Replies

ISE and AppleTV restrictions

Go to solution
ericgarnel
Level 7
Level 7

‎05-14-2013 12:42 PM - edited ‎03-10-2019 08:25 PM

I am trying to find some documentation on using ISE to restrict access to an AppleTV.

My initial thought is to treat the AppleTV as a netwotk resource and enforce policies that way.

Any input is greatly appreciated

-Eric

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Atkin
Level 4
Level 4

‎05-28-2013 10:29 PM

You can use ISE's Device Profiler to identify the device as an Apple TV, and you can then create an Authorisation Profile based on the AppleTV Endpoint Identity Group, and through that you can return particular VLAN / ACL instructions to your Network Device in order to restrict access.

Apple TV also supports 802.1x, so you could do similar but based on Username as opposed to the Profiler if you don't have the Advanced licenses.

Hope this helps?

Richard

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Richard Atkin
Level 4
Level 4

‎05-28-2013 10:29 PM

You can use ISE's Device Profiler to identify the device as an Apple TV, and you can then create an Authorisation Profile based on the AppleTV Endpoint Identity Group, and through that you can return particular VLAN / ACL instructions to your Network Device in order to restrict access.

Apple TV also supports 802.1x, so you could do similar but based on Username as opposed to the Profiler if you don't have the Advanced licenses.

Hope this helps?

Richard

0 Helpful

Go to solution
ericgarnel
Level 7
Level 7
In response to Richard Atkin

‎05-29-2013 03:51 PM

Richard,

Thanks,  your reply was very helpful. Do you know if ISE will support device self registration?

For example:  A college student brings his/her own AppleTV & wants to hook it up.  The ability to provision for such a device with little or no admin involvement would be great.

Eric

0 Helpful

Go to solution
George Stefanick
VIP Alumni
VIP Alumni
In response to ericgarnel

‎05-29-2013 04:00 PM

Hey Eric,
To add to Richards great post ... In order to do 802.1X on apple tv you need to push a profile with 802.1X security. You can't manually configure 802.1X on a Apple Tv. Also, i havent tested this, but I was told if the apple tv loses power, it also loses the 802.1X profile.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Go to solution
Richard Atkin
Level 4
Level 4
In response to George Stefanick

‎05-29-2013 11:30 PM

Hi George, it's not that they lose the Config if they lose power, they lose the time, which is kinda important when you're using PEAP/TLS! :(

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
Richard Atkin
Level 4
Level 4
In response to ericgarnel

‎05-29-2013 11:28 PM

Hi, it does support self device registration yes... Look up the "my devices" feature.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents