Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to deploy and configure Cisco Identity Services Engine (ISE) Version 1.2 and to understand the features and enhanced troubleshooting options available in this version, with Cisco expert Craig Hyps.
October 27, 2014 through November 7, 2014.
The Cisco Identity Services Engine (ISE) helps IT professionals meet enterprise mobility challenges and secure the evolving network across the entire attack continuum. Cisco ISE is a security policy management platform that identifies users and devices using RADIUS, 802.1X, MAB, and Web Authentication methods and automates secure access controls such as ACLs, VLAN assignment, and Security Group Tags (SGTs) to enforce role-based access to networks and network resources. Cisco ISE delivers superior user and device visibility through profiling, posture and mobile device management (MDM) compliance validation, and it shares vital contextual data with integrated ecosystem partner solutions using Cisco Platform Exchange Grid (pxGrid) technology to accelerate the identification, mitigation, and remediation of threats.
Craig Hyps is a senior Technical Marketing Engineer for Cisco's Security Business Group with over 25 years networking and security experience. Craig is defining Cisco's next generation Identity Services Engine, ISE, and concurrently serves as the Product Owner for ISE Performance and Scale focused on the requirements of the largest ISE deployments.
Previously Craig has held senior positions as a customer Consulting Engineer, Systems Engineer and product trainer. He joined Cisco in 1997 and has extensive experience with Cisco's security portfolio. Craig holds a Bachelor's degree from Dartmouth College and certifications that include CISSP, CCSP, and CCSI.
Remember to use the rating system to let Craig know if you have received an adequate response.
Because of the volume expected during this event, Ali might not be able to answer each question. Remember that you can continue the conversation on the Security community, sub-community shortly after the event. This event lasts through November 7, 2014. Visit this forum often to view responses to your questions and the questions of other community members.
Is there a way to create a do not decrypt rule for a set of domains or FQDNs? I do not see a URL tab in the the SSL ACP. Running 126.96.36.199 fmc. Closest alternative is to either know the destination IPs or hope the application tab has a match.
Ive got a series of demands from my customer that im trying to integrate into a AC/ASA/ISE Solution.We need to admit only compliant/registered devices into the network, they also want users to authenticate with username/pw + MFA (Azura multifactor Authent...
Hello, I was curious to see if anybody has any recommendations/best practices for geoblocking IPs on a Cisco ASA 5525. We'd like to block all foreign IPs, but not sure if this is a completely manual process or not. And if it is manual, do...
Hello, I would like to ask a question. I have a parent group with a policy A. This group has many child groups with policies B1, B2, ... Policy A will apply to child groups, or only the Bi policies? Thanks and regards, ...
So we have a brand new ASA5506 in a remote office. We configured a ikev2 ipsec tunnel to connect to the head office. The tunnel is up and working fine. There is a switch connected to inside and a /30 subnet between it and the firewall. We can access the s...