08-02-2018 03:51 AM
Hi team,
I know it's a recurrent topic but the only documentation we seem to have is this guide from back 2013 "Cisco TrustSec How-To Guide: Segmenting Clients and Servers in the Data Center Using the Cisco Nexus 1000V Series Switches": https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/segmenting_clients_servers_guide.pdf
Therefore, do we have any plans to validate and document the integration of ISE with other VDI solutions i.e. Citrix, VMware, Microsoft etc.. Can you please share any estimated timeline if there's one?
Thanks,
Oriol
Solved! Go to Solution.
08-03-2018 09:14 AM
Note that there is also the TS-Agent that will send Passive ID info from term server to ISE which will get published to subscribes such as FTD today which includes the IP and port range assigned to connecting client, but Passive ID does not currently instantiate a session with SGT mapping. EasyConnect provides this (RADIUS authorization with optional SGT) for wired clients today when Passive ID method is WMI.
08-03-2018 01:05 AM
Hi,
we are currently working on developing an agent to sit on windows/Citrix servers to provide the IP differentiation required for TrustSec/group based policies.
A release by the end of the year is the target.
Regards, Jonothan.
08-03-2018 09:14 AM
Note that there is also the TS-Agent that will send Passive ID info from term server to ISE which will get published to subscribes such as FTD today which includes the IP and port range assigned to connecting client, but Passive ID does not currently instantiate a session with SGT mapping. EasyConnect provides this (RADIUS authorization with optional SGT) for wired clients today when Passive ID method is WMI.
02-24-2019 01:20 AM
08-03-2018 09:14 AM
Note that there is also the TS-Agent that will send Passive ID info from term server to ISE which will get published to subscribes such as FTD today which includes the IP and port range assigned to connecting client, but Passive ID does not currently instantiate a session with SGT mapping. EasyConnect provides this (RADIUS authorization with optional SGT) for wired clients today when Passive ID method is WMI.
02-21-2019 04:14 AM
Do you have any updates on development of that agent sitting on Citrix servers?
02-25-2019 04:31 AM
Latest information from the Product Manager:
"We're collecting customer information to enrich the business justification that we're putting together to secure funding to complete the project.
Is there any information you can share about the customer (number of users, Microsoft Server version XenApp/Desktop version, deal value,..) or the partners interest (is the partner seeing a demand for this)?"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide