cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

How To: Meraki EMM / MDM Integration with ISE

10150
Views
2
Helpful
1
Comments

March 2015

Cisco Meraki’s Enterprise Mobility Management (EMM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises. A typical Cisco Meraki EMM configuration consists of a cloud-based policy server and a mobile device client. However, often times the network is the only entity that can provide granular access to endpoints (based on ACLs, TrustSec SGTs etc.). It is envisaged that Cisco Identity Services Engine (ISE) would be an additional network based enforcement point while the cloud- based Cisco Meraki EMM policy server would serve as the policy decision point. ISE expects specific data from Cisco Meraki cloud EMM servers to provide a complete solution.

The following are the high level use cases in this solution.

  • Device registration - Non registered endpoints accessing the network on-premises will be redirected to registration page on Cisco Meraki EMM cloud for registration based on user role, device type, etc. In addition Meraki can also provision the device with corporate application e.g. AnyConnect (VPN), Jabber (Collaboration) etc .. so the user has secure access to corporate resources (per policy) when device is off-premises.
  • Remediation - Non compliant endpoints will be given restricted access based on compliance state Periodic compliance check– Periodically check with Cisco Meraki EMM cloud server for compliance
  • Ability for ISE administrators to issue remote actions on the device through the Cisco Meraki EMM cloud (e.g.: remote wiping of the managed device)
  • Ability for end users to leverage the ISE My Devices Portal to manage personal devices, e.g. Full Wipe, Corporate Wipe and PIN Lock.
Comments
Contributor

Hi,

 

This document is dated 2015, is there an updated version.

 

Appreciate your help.