Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
70
Views
0
Helpful
0
Replies

Tuning and detect unauthorized device connect to network

Da ICS16
Level 1
Level 1

‎07-10-2024 02:45 AM - last edited on ‎07-10-2024 04:05 AM by Cisco Employee

Dear Community,

To prevent from Cyber Attack / advanced attack we are checking to enhance more security with ISE.

Hence, we would seek your  support and advice how to tuning stronger defend and how to detect/blocked/dropped for untheorized devices ( external/ outside devices ) including BYOD, PC, Hub... try to connect to our internal network.

1. Incase NAD config with low-impacted mode ( multi-auth ) is there any Pro and Con?

2. ISE integrates with Active Directory. Using EAP-TLS for trusted machine certificate and MSCHAPV2 for user. Any recommend / suggestion on it?

3. Do we have good practice for MAB profiling beside OUI base?

4. Is it possible that ISE will send email to notify us while having any bad attempt?

5. Is there require other protocols?

6. For Window OS we understand with EAP-TLS and how about operating system "macOS" ? Is it properly working with EAP-TLS or not. If yes, why? If not, why?

Objective: ISE will detect /alarm when unauthorized to try connect/attempt/compromised than we can perform remediation on time or ISE auto reject/drop session during that time.

Thanks for your commend/supporting.  

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents