Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
0
Helpful
1
Replies

ISE + sandbox

gacs
Cisco Employee
Cisco Employee

‎11-06-2017 01:20 AM

Hi Team,


In Windows browser (https://blogs.windows.com/msedgedev/2017/03/23/strengthening-microsoft-edge-sandbox/) there is a sandbox.  It creates a different TCP stack on Windows machine, and this is causing problems with ISE - ISE it treating this “sandbox” as separate machine and is trying to authenticate it. Do we have any solution for such scenario?

I got this answer from Hsing-Tsu, but maybe we have a strategy for this challenge :

"It seems this MS Edge sandbox app container has its own MAC address so ISE considers it as a separate endpoint. As it not capable of DOT1X, MAB is the only thing I can think of. If it associated with some particular OUI or MAC address pattern, we may profile and put such into some particular endpoint profile and/or endpoint group and authorize them accordingly. "


Thank you!


Best regards, Gyorgy

0 Helpful
1 Reply 1

howon
Cisco Employee
Cisco Employee

‎11-06-2017 02:11 PM

Gyorgy, can you elaborate on the issue? So when user opens up a edge browser, does it initiate a MAB?

0 Helpful
Customers Also Viewed These Support Documents