OK, I am a new ISE user and definitely an early beginner on creating ISE policies. I have successfully created a policy that can determine if you are using a corporate asset or not and using 802.1x authentication grant you access to corporate resources or not. This policy also assigns the VLAN the user is placed into. Seems to work quite well so far at least as a baby step in policy creation.

Our building has different VLANS based upon floors and the like and I would like the policy(s) take this into consideration when assigning the VLAN. Is there a way to include which switch the postureing process is flowing through to assist in assigning the VLAN? I am thinking I would have separate policies based upon the switch / stack but not sure how to include that in the logic. I figured it would be similar to my policy where I check corporate assets and that you are wireless and that you have a valid AD account but have been unable to figure out the endpoint part. I have created network groups for my network devices but am stumped after that. Is there something else I should or could be doing instead? Do I need a completely different train of thought?    

Brent