03-14-2018 02:47 AM
Hi Team,
We are working on an opportunity of ISE with PoC currently in progress have some queries for which need clarity:
Thanks in advance for any help.
Thanks & Regards,
Yogesh Madhekar
Solved! Go to Solution.
03-14-2018 06:39 AM
Whether or not a device is authorized or not is a policy decision. ISE does clearly show which endpoints are hittin specific rules and reports can be run to show those that failed auth, rejected, or assigned a specific policy. We don't trigger alarms as this would be just noise in production deployment, but it is possible to send the auth logs to 3rd-party logger or event manager which triggers alarm of choice based on matching events.
Customers can leverage GPOs to configure AD clients for 802.1X. Other methods include MDM or ISE's own BYOD feature.
Yes, switchports can handle multiple auth type on single port including 802.1X, MAB, and Web Auth. This is called Flex Auth.
It recommend reviewing How To guides in our Community related to basic ISE setup and configuration including switch configuration.
03-14-2018 06:39 AM
Whether or not a device is authorized or not is a policy decision. ISE does clearly show which endpoints are hittin specific rules and reports can be run to show those that failed auth, rejected, or assigned a specific policy. We don't trigger alarms as this would be just noise in production deployment, but it is possible to send the auth logs to 3rd-party logger or event manager which triggers alarm of choice based on matching events.
Customers can leverage GPOs to configure AD clients for 802.1X. Other methods include MDM or ISE's own BYOD feature.
Yes, switchports can handle multiple auth type on single port including 802.1X, MAB, and Web Auth. This is called Flex Auth.
It recommend reviewing How To guides in our Community related to basic ISE setup and configuration including switch configuration.
03-15-2018 06:35 AM
Hi Craig,
For the 802.1x authentication customer is expecting for the automation through some script. Although have mentioned that it is not we include as a part of PoC and deployment scope.
03-14-2018 08:04 AM
Would recommend separating the issues so they can be addressed one by one
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: