I received request on depicting some of the ISE flows and therefore providing a collection that I compiled a while back. Some of the terms and use cases may be a bit dated, but core information still valid and hopefully useful to others.
IEEE 802.1X -Port-based Access Control with Authentication
IEEE 802.1X with Change of Authorization (CoA)
MAC Authentication Bypass (MAB)
Non-802.1X capable devices and no “user intelligence” behind
Local Web Authentication (LWA) Session Flow
Wireless Local Web Auth (LWA) Configuration
Wired LWA Config
Web Authentication
CWA – Session Flow
Wireless CWA Config
Wired CWA Config
Central Web Authentication (CWA) with ISE
dACL + URL-Redirect for CWA
Sample ACLs for CWA Redirection
Wired Device Registration Web Auth (DRW) Flow
Wired CWA Config
Wireless CWA Config
Wireless DRW Flow
Example of Profiling Flow with Multiple Probes
SNMP Query, SNMP Trap, RADIUS, DHCP Helper
Profiling without Probes
Direct Profiling using Client Provisioning (Posture Agent or NSP)
Probeless Profiling
Wireless 802.1X with Posture Example
802.1X End User Authentication with Posture
802.1X End User Authentication with Posture
Adding Posture to the Authorization Policy
BYOD Authorization Policy
Single SSID – Employee using PEAP
Dual SSID – Employee using CWA
Dual SSID – Guest using CWA
Dual SSID – Select Employees using CWA
Post-Supplicant Provisioning
Native Supplicant Provisioning (iOS Scenario)
Native Supplicant Provisioning (Android Scenario)