Mobile Device Management (MDM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises. A typical MDM product consists of a policy server, a mobile device client and an optional inline enforcement point that controls the use of some applications on a mobile device (like email) in the deployed environment. However the network is the only entity that can provide granular access to endpoints (based on ACL’s, TrustSec SGT’s etc). It is envisaged that Cisco Identity Services Engine (ISE) would be an additional network based enforcement point while the MDM policy server would serve as the policy decision point. ISE expects specific data from MDM servers to provide a complete solution
The following are the high level use cases in this solution.
Device registration- Non registered endpoints accessing the network on-premises will be redirected to registration page on MDM server for registration based on user role, device type, etc
Remediation- Non compliant endpoints will be given restricted access based on compliance state
Periodic compliance check – Periodically check with MDM server for compliance
Ability for ISE administrators to issue remote actions on the device through the MDM server (e.g.: remote wiping of the managed device)
Ability for end user to leverage the ISE My Devices Portal to manage personal devices, e.g. Full Wipe, Corporate Wipe and PIN Lock.
Hi, I am trying to set up a site to site VPN for one of our client with palo alto. However VPN phase 1 is not coming up and when I ran debug I am getting NO_PROPOSAL_CHOOSEN error even though both side are configured poperly setup is like b...
Remote Site - to HQ - Redundant ISPHello,I have am having an issue with a remote site redundant IPSEC tunnel config. When the remote site is on the primary IPSEC tunnel, the traffic from Host A to Host B is successful. When the primary link fails, t...
Hi everyone, I encounter a problem that really strange and tried different ways can't solve the ASA 5515 9.1 not able to allow traffic from inside to outside.Any suggest much appreciated. Keith Here is the sanitized config:asa# sh run: Saved:ASA Vers...
Is this considered a major upgrade or minor? I need to upgrade my Active / Standby Failover pair with 0 downtime. I will upgrade standby and reboot, when it comes up with 9.9 code, will it break the failover with 9.8(4)3 or stay in failover with erro...
Hi all,I'm working on setting up an IKEv2/IPSec VPN tunnel from an FTD (6.2) managed by FMC to Azure. The tunnel is up and icmp is working fine but our server engineer is reporting issues with RDP and domain controller replication.We're wondering if...