Filter authorization by end user applications on iOS and Android

DavidOnTheLeft · ‎08-23-2012

Is there any way to filter out users that don't have a specific app or aren't running a specific service on their phone/tablet when connecting to a network?

Stephen Rodriguez · ‎08-23-2012

You need something to profile the devices, which may end up being a mix between MDM and ISE, depending on what all you really are needing to do.

take a look at the specs for ISE, and see what all it can do, and what pieces you can use.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

edondurguti · ‎08-23-2012

As of right now (I am running cisco ise 1.1.1) ISE cannot authorize clients based of what apps they have on their devices, but it can profile them based on type of devices and set them different access, ACL, VLAN etc.

Stephen Rodriguez · ‎08-23-2012

that is where the MDM would come into play. If they are your users devices, joined to the MDM, you are able to set mandatory and restricted apps. You can even use the MDM to remove the connection profile if they install a restricted app.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Tarik Admani · ‎08-25-2012

Also ISE 1.2 is coming with API that the mdm devices can you use in order to control devices as they come in to your network. I dont know what those features are but my assumption is that it can blacklist users once the MDM appliance detects that they dont meet your policies.

Thanks,

Tarik Admani
*Please rate helpful posts*

Filter authorization by end user applications on iOS and Android devices on ISE?