06-09-2018 02:29 PM - edited 02-21-2020 10:57 AM
Dears,
I am really new to TrustSec and we have an ISE in a corporate environment. How can I take benefit of TrustSec if I have an ASA-SM as a core datacenter firewall, an ASA-5525X as a perimeter firewall, and 2960XR switches on the access layer with IP Base licenses?
I am using the following features of ISE, which fit my corporate environment. TrustSec will also fit, but I don't know how I can design and implement the TrustSec feature. Can I say it is a replacement of CDA (Context Directory Agent), or does it do much more than CDA?
Thanks
06-09-2018 02:42 PM - edited 06-09-2018 02:45 PM
Using ISE, you can assign a TrustSec tag (SGT) to each user/computer. This is defined in the authorization policy and can be assigned depending on AD group membership and/or whether the user passes or fails posture, etc. These SGTs can be used in the firewall ruleset to permit/deny access. If you integrate ISE with Firepower using pxGrid, you can initiate user quarantine if their computer has malware, etc.
This link is the best place to start for TrustSec information
06-10-2018 09:39 PM
@Rob Ingram I don't believe the ASA-SM is on the TrustSec Compatibility Matrix.
06-16-2018 03:42 PM
Dears,
Thanks for the reply.
+5 to you both. I will reply further on this post as I have many questions on TrustSec.
Regards