ISE 2.0 now features integration with Cisco Mobility Services Engine (MSE) which enables administrators to grant access to users specifically based on their location.
Currently, the definition of a location on a network is very static and is based on the network switch that a user came through to access the network. Location hasn’t been based on the real, geographic, location of a user, who might be moving around, frequently changing location (even location within a specific building). As an example, you might want to grant a doctor in a hospital access to patient records or access to certain applications while in an emergency, but when that doctor moves to the medical lab, maybe they should no longer be able to access those same records or applications.
The location-based authorization enabled by the integration of Cisco Mobility Services Engine (MSE) with ISE 2.0 increases the granular control administrators have and the ability to be more sensitive in their access authorization. MSE will also help administrators enforce location-based policies by periodically checking for location change and automatically reauthorizing the user if a location change is detected. Finally, ISE 2.0 make the configuration of location-based policies with MSE more simple and streamlined—you can define user access policies leveraging the same management tools already available through ISE.
This is currently supported with MSE 8.x, it is not supported with CMX (MSE 10+). Please reach out to sales team to request feature.
I am currently running interim release 9.6(4)42. I want to upgrade one last time before I cannot get contract support next November. Can anyone recommend a good major release that is stable. We use Firepower 220.127.116.11 with an FMC. We also run Anyconnect 4.7...
Hello, guys.Cannot find info if we can upgrade NAM from ASA ?Does someone know if it is possible ?AnyConnect itself upgrades successfully from ASA but AC and NAM versions should match.In addition to this NAM installation breaks up network connectivity so ...
Hello, I am curious to know , if a Cisco VPN AnyConnect is configured and for Posture of this VPN we use Cisco ISE , how Cisco ASA forwards the traffic to Cisco ISE when it does Posture. I have 2 Cisco ISE and I know that PSN is always Active Active ...
My customer got WSA S695 appliances and want to connect to 10G. In Datasheet and hardware guide I don't see P1 and P2 interfaces can be replaced with 10G port.