Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
813
Views
0
Helpful
3
Replies

Location based data access

Go to solution
tclausen1
Level 1
Level 1

‎06-19-2019 05:26 PM

New to ISE and I'm specifically interested in capability mentioned in a video, but Google results aren't helping.  Can someone tell me what features of ISE allow denial of access to a class of documents when a user is in a particular location or connected via VPN, which they would otherwise have access to while in the office?  Is there a term for this type of control?

Many Thanks.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to tclausen1

‎06-20-2019 03:47 AM

That’s what ise does inherently, you setup authorization rules that allow or deny access to certain resources in your network

Example if at locationX Switch then return certain authorization with ACLs be it IP acl or SGACL using SGT

I suggest you start with videos here to learn more about ISE
http://youtube.com/CiscoISE

Location based services with MSE aaa you said is not relevant to your ask. And this is old integration

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎06-19-2019 11:29 PM

You need to integrate MSE with ISE for location based authorization. See
this document.

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/200196-Location-based-authorization-with-Mobili.html
0 Helpful

Go to solution
tclausen1
Level 1
Level 1
In response to Mohammed al Baqari

‎06-20-2019 12:07 AM

"The purpose is to allow or deny access to wireless device based on their physical location."  Sorry, but this isn't what I'm describing.

 

One of Cisco's ISE videos dramatizes that "there is a policy that doesn't allow financial documents to be accessed from that country" while a user was traveling.  I'd like to understand what technology allows that control.  If it's what you've linked, I am missing where that is part of the capability.

 

Thanks.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to tclausen1

‎06-20-2019 03:47 AM

That’s what ise does inherently, you setup authorization rules that allow or deny access to certain resources in your network

Example if at locationX Switch then return certain authorization with ACLs be it IP acl or SGACL using SGT

I suggest you start with videos here to learn more about ISE
http://youtube.com/CiscoISE

Location based services with MSE aaa you said is not relevant to your ask. And this is old integration
0 Helpful
Customers Also Viewed These Support Documents