Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3093
Views
0
Helpful
1
Replies

ISE pre auth acl

cisco8887
Level 2
Level 2

‎11-16-2015 04:39 AM - edited ‎02-21-2020 05:36 AM

Hi All,

I am trying to learn a bit more about ISE and how it works.

Am I correct assuming Pre-Auth  acl is only used when the client is not authenticated ?

Once authenticatedm is  a new acl applied depending on all permissions allowed?

is a command sent to the ise eveytime the user is sending traffic to ensure the user is authorised to send the traffic out ?

What book do you suggest for reading?

Many thanks

0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎11-21-2015 10:09 PM

Yes, the pre-auth ACL is there until the user/machine is authenticated and authorized. Then the pre-auth ACL gets replaced with a dACL that you push from ISE via an authorizaiton profile. The dACL remains in place until that session ends or a CoA is issued and a new policy is applied. 

For more info I recommend reading the following guides:

http://www.cisco.com/c/en/us/support/security/identity-services-engine/products-implementation-design-guides-list.html

I hope this helps!

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card