cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

142
Views
20
Helpful
2
Replies
Highlighted
Enthusiast

Network Access Control and cloud

I have a customer that start the journey to the cloud two years ago. 

The solution for the perimeter, ISE was selected.

Now after the covid-19, 90% of the workers will continues as teleworker. 

60% of the apps are SaaS including office 365.

Today, they don´t see the value of the ISE and the project is in standby.

My question is: is a NAC like ISE still a valid solution if today the perimeter doesn´t exits anymore?.

Thanks

2 REPLIES 2
VIP Advisor

Re: Network Access Control and cloud

This is very much opinion but here are a few things to think about.

In your scenario there are still 10% of workers that go in to an office. This means there are still offices and enterprise ports that can be exploited, ISE can still be used here.

The other initiative I have seen taking off is the concept of remote access points. Remote access points build a VPN tunnel into an enterprise headend, these have both wired ports and enterprise WLANs on them. This extends the footprint of the enterprise network in to the home, even more reason to leverage ISE for visibility and enforcement. You certainly want to know what is coming on the network in this scenario.

Another consideration could be the 40% of those apps that aren't public cloud/SaaS likely sit in enterprise private/hybrid data centers and require users or machines to VPN in. ISE can be leveraged to authenticate employees and their devices whether they are BYOD or enterprise owned. You can leverage posture assessments to ensure they meet the security policies of the enterprise, and you can grant varying levels of access based on this.
Highlighted
Collaborator

Re: Network Access Control and cloud

For teleworkers, we are using ISE with 3rd party Firewalls that have WiFi interfaces. Teleworkers use WiFi interfaces to access the corporate resource which are NACed by ISE, just RADIUS / EAP-TLS over WiFi.