Dear Community,
To prevent from Cyber Attack / advanced attack we are checking to enhance more security with ISE.
Hence, we would seek your support and advice how to tuning stronger defend and how to detect/blocked/dropped for untheorized devices ( external/ outside devices ) including BYOD, PC, Hub... try to connect to our internal network.
1. Incase NAD config with low-impacted mode ( multi-auth ) is there any Pro and Con?
2. ISE integrates with Active Directory. Using EAP-TLS for trusted machine certificate and MSCHAPV2 for user. Any recommend / suggestion on it?
3. Do we have good practice for MAB profiling beside OUI base?
4. Is it possible that ISE will send email to notify us while having any bad attempt?
5. Is there require other protocols?
6. For Window OS we understand with EAP-TLS and how about operating system "macOS" ? Is it properly working with EAP-TLS or not. If yes, why? If not, why?
Objective: ISE will detect /alarm when unauthorized to try connect/attempt/compromised than we can perform remediation on time or ISE auto reject/drop session during that time.
Thanks for your commend/supporting.