Hi,
Looking at the overall rollout of ISE across our organization. As I understand it we start in monitor only mode (current) and from there we roll it out to wired first and the wireless afterwards (per Cisco use case).
I'm trying to figure out what our next step is. As I see it we've got a lot of work ahead of us:
Configure switchports to support dot1x
configure ISE certificates and CAs
configure wired clients to use dot1x
configure devices that cannot do dot1x to use MAC
Review logs on ISE to ensure we didn't miss anything on the wired side
activate policies for wired
(similar process then for wireless and byod)
I'm having difficulty finding a doc that spells all the above out and the order in which it should be performed, so this is the best I've got.
Does anyone have any config docs or recommendations on how to make this go smoothly?
Thanks,
JonM
