Accepted Solutions
Since no reference was provided, I found the Cisco Validated Designs for Digital Manufacturing > Industrial Automation design guide > Cell/Area Zone Ring Topologies with the image Figure 13 Industrial Automation Network Model and IACS Reference Architecture showing the AAA/ISE server in Industrial Zone Level 3 :
> Is there a use case, where Identity Services are shared?
Definitely. Many customers like to have a centralized policy for simplicity when all managing all access control scenarios across manufacturing and other corporate sites, organizations, departments, etc.
> endpoints / supplicants are able to support Microsoft PKI
"Microsoft PKI" is a generic term and I don't know if this means Active Directory or Azure or something else. You can see "Domain Controller" sitting next to ISE which would be your AD so ... Yes.
Since no reference was provided, I found the Cisco Validated Designs for Digital Manufacturing > Industrial Automation design guide > Cell/Area Zone Ring Topologies with the image Figure 13 Industrial Automation Network Model and IACS Reference Architecture showing the AAA/ISE server in Industrial Zone Level 3 :
> Is there a use case, where Identity Services are shared?
Definitely. Many customers like to have a centralized policy for simplicity when all managing all access control scenarios across manufacturing and other corporate sites, organizations, departments, etc.
> endpoints / supplicants are able to support Microsoft PKI
"Microsoft PKI" is a generic term and I don't know if this means Active Directory or Azure or something else. You can see "Domain Controller" sitting next to ISE which would be your AD so ... Yes.
