Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2759
Views
5
Helpful
2
Replies

ISE endpoint identity groups

Go to solution
cgm
Level 1
Level 1

‎01-07-2022 12:21 PM

Hi, happy new year!

It used to be the case that profile type was not readily available to use in authorization policies, but that is no longer the case. So what is the current use case for identity groups ? Just a higher order classification ?

 

TIA,

-Carlos

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎01-07-2022 01:59 PM

It allows for a lot more freedom when grouping endpoints. A good example of this is using endpoint identity groups for static whitelists, or using them for iPSK. In both these cases you can have multiple endpoint types that wouldn't share the same profile but need the same treatment from an authz perspective. 


View solution in original post

0 Helpful
2 Replies 2

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎01-07-2022 01:59 PM

It allows for a lot more freedom when grouping endpoints. A good example of this is using endpoint identity groups for static whitelists, or using them for iPSK. In both these cases you can have multiple endpoint types that wouldn't share the same profile but need the same treatment from an authz perspective. 


0 Helpful

Go to solution
cgm
Level 1
Level 1
In response to Damien Miller

‎01-07-2022 02:09 PM

Great, so a higher order classification it is then.

It surprised me though that as a classification, an endpoint can not belong to more than one group,

and being that Profiled is one of the branches, when an endpoint is moved to GuestEndpoints, you "loose" its original type so to say.

Customers Also Viewed These Support Documents