Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1461
Views
10
Helpful
1
Replies

NAC Implementation maturity process

carl_townshend
Spotlight
Spotlight

‎12-03-2020 12:37 AM

Hi Guys

Can any of the NAC experts on here give me a walkthrough of what a good implementation looks like.

For example, in my head I would have

 

1.Define what policies you want to implement

2.Discovery, how long would you leave it to discover, a few months ?

3.Iron out and identify any unknown devices

4.Switch on controls

5.Start to segment Corporate from OT/IoT

6.Start to look at remediation and integration with AV/Windows etc

 

This is my idea, what is everyone else doing? and in what timeline?

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-03-2020 03:15 AM

There are more steps - several books and many Cisco Live presentations cover ISE deployments so it doesn't make sense to try to condense them here.

Design is an important step to combine with your requirements. Only with those in hand can you create policies in the NAC (ISE).

Discovery can last anywhere from days for a small network to months for a large one.

We typically move from Monitor mode to Low Impact and then to Closed. Many organizations stop with Low impact mode.

Your step 6 assumes Posture (e.g. ISE Apex). Not everybody chooses to go that far as their requirements are met with a Base level of functionality.

Customers Also Viewed These Support Documents