Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2335
Views
0
Helpful
5
Replies

ISE

Go to solution
miracle_david@yahoo.com
Level 1
Level 1

‎08-08-2020 07:28 AM

Hi gentlemen,

What do these terms do?   1. dot1x    2. Posture Assessment

Can FirePower do what ISE does?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to miracle_david@yahoo.com

‎08-10-2020 06:28 AM

It's probably a matter of opinon and experience on which is more complex to configure. Posture assessment is more secure, it is usually configured to compliment 802.1x. Without 802.1x you authenticate the user to the network, combine that with posture assessment you determine whether the user is authenticating to the network using a laptop that complies with the organisation's security policy (i.e. is AV, AM or FW installed and running).

 

Refer to the Posture configuration guide for more information.

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273

 

Client provisioning is used to deploy the agent to the connecting devices.

 

HTH

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎08-08-2020 08:33 AM

Hi,

802.1X is used to authenticate devices/users to a wired or wireless network.

https://en.wikipedia.org/wiki/IEEE_802.1X

 

Posture assessment is used in ISE to determine the state of a device, for example whether it is running Anti-Virus, Anti-Malware or Personal firewall before permitted access to the network.

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273

 

No Firepower is a Firewall, this is a separate solution to ISE, it does not perform 802.1x authentication.

 

HTH

0 Helpful

Go to solution
miracle_david@yahoo.com
Level 1
Level 1
In response to Rob Ingram

‎08-10-2020 06:08 AM

Thanks for your great reply. Is there any similarity between "Posture Assessment" & "dot1x"? Which one is more complex to deploy? Which one has more stricter features for security?
What does Client Provisioning do?
0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to miracle_david@yahoo.com

‎08-10-2020 06:28 AM

It's probably a matter of opinon and experience on which is more complex to configure. Posture assessment is more secure, it is usually configured to compliment 802.1x. Without 802.1x you authenticate the user to the network, combine that with posture assessment you determine whether the user is authenticating to the network using a laptop that complies with the organisation's security policy (i.e. is AV, AM or FW installed and running).

 

Refer to the Posture configuration guide for more information.

https://community.cisco.com/t5/security-documents/ise-posture-prescriptive-deployment-guide/ta-p/3680273

 

Client provisioning is used to deploy the agent to the connecting devices.

 

HTH

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎08-10-2020 01:44 PM

Since you are new to ISE and access control, I would recommend watching some of our past ISE Webinars that cover these topics:

 

0 Helpful

Go to solution
miracle_david@yahoo.com
Level 1
Level 1
In response to thomas

‎08-10-2020 11:47 PM

Hi sir, I'm very gratitude & grateful for sharing webinars & considering my query. If you have other webinars regarding security like FirePower or other ISE features I'd be glad to watch them.
God bless you!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents