ISE, NAC, and BYOD
These sessions cover the building blocks for a policy-based access control architecture for wired, wireless, and VPN networks using Identity Services Engine. Starting with basic user and device authentication and authorization using technologies like 802.1X, MAB, Web Authentication, and certificates/PKI, the session will show you how to expand policy decisions to include contextual information gathered from profiling, posture assessment, location, and external data stores such as AD and LDAP. The architecture will be expanded further to address key use cases such as Guest access and management, BYOD (device registration and supplicant provisioning), MDM policy integration, and 802.1AE (MacSec). Visibility and pervasive policy enforcement through VLANs, ACLs, and Security Group Access (SGA) will also be discussed. This session is intended for Network, Security and Systems Administrators, Engineers, and Managers that need to implement the next generation Unified Access Network.
Donate - Support Networkstr
Support Networkstr.com to continuo being online!
Help us build these products:
Thank You for your support!
Learn about Cisco Identity Services Engine and how to download the application software.
Learn how to install Cisco Identity Services Engine.
Learn how Cisco Identity Services Engine discovers what is on the network.
Learn how to set up Cisco Identity Services Engine for Secure Access.
Published on Oct 31, 2013
Learn how Cisco Identity Services Engine is configured for BYOD deployments.
Learn how to configure Cisco Identity Services Engine Guest Lifecycle Management.
Learn how to configure device posture with Cisco Identity Services Engine.
Learn how to use Cisco Identity Services Engine to monitor and troubleshoot network policy compliance.
This intermediate session focuses on recent and upcoming innovations in the IOS identity framework. Over the last decade, IEEE 802.1X has become the cornerstone of identity-enabled networks. With a new framework, we've taken the concept of identity-aware networking beyond 802.1X... because it's not just about security anymore. We're starting with a review of the three deployment models (Monitor Mode, Low Impact Mode, and Open Mode), highlighting best practices, benefits, limitations, and advanced features such as NEAT. Subsequently, we're going to show you a fresh approach which has been designed from the ground up to be extensible, flexible and agile to enable new use cases, address existing challenges and leverage the intelligence of the network. We will discuss the architecture, the policy model and various use cases demonstrating the new policy model. The target audience are security and network administrators and architects.
This session covers the building blocks for a policy-based access control architecture for wired, wireless, and VPN networks using Identity Services Engine.
This session explains how the combination of Security Group Tags extend context aware role based access control from the edge into the network. This session covers the protocols and functions that create a trusted network.
During this session, I will discuss in detail Cisco's Identity Services Engine's (ISE) use of RADIUS - both as a mechanism to determine the method of access by an endpoint as well as the manner by which ISE enforces policy upon the endpoint.
Cisco's Identity Services Engine (ISE) delivers context-based access control for every endpoint that connects to your network. This advanced session will focus on the advanced services of ISE, successful deployment strategies, integration with Cisco as well as third party network infrastructure, as well as deployment tips and tricks. We will examine best practices for Bring Your Own Device (BYOD) deployments with the most common mobile platforms, including multiple tiers of registered devices. We will perform a detailed examination of certificate usage including integration of ISE with your enterprise certificate authority (CA), endpoint certificate usage, and wildcard certificates. There will be a detailed examination of guest life-cycle management, including self-service and sponsored guest access models. Lastly, attendees will be introduced to troubleshooting and serviceability tips.
Cisco Identity Services Engine (ISE) delivers context-based access control for every endpoint that connects to your network. This session will show you how to design ISE to deliver scalable and highly available access control services for wired, wireless, and VPN from a single campus to a global deployment.