08-01-2018 04:48 PM - edited 03-11-2019 01:47 AM
Hi Folks,
We are working for a customer for ISE POC, standalone node running in 2.3. Basically the use case is if the customer copy the certificate from their machine and install in different machine, the ISE should need to access reject/prevent authentication for the new machine or generate some kind of alert saying the certificate is duplicated or copied? Can we do demo this test case?
Any help here.
Solved! Go to Solution.
08-04-2018 07:57 PM
The certificate provisioning done by ISE BYOD puts the endpoint's MAC address in the SAN of the certificate so that we may use this pre-build policy rule, which has a condition MAC_in_SAN, to verify.
08-04-2018 07:57 PM
The certificate provisioning done by ISE BYOD puts the endpoint's MAC address in the SAN of the certificate so that we may use this pre-build policy rule, which has a condition MAC_in_SAN, to verify.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: