Building an Enterprise Access Control Architecture with ISE
This session covers the building blocks for a policy-based access control architecture for wired, wireless, and VPN networks using Identity Services Engine. Starting with basic user and device authentication and authorization using technologies like 802.1X, MAB, Web Authentication, and certificates/PKI, the session will show you how to expand policy decisions to include contextual information gathered from profiling, posture assessment, location, and external data stores such as AD and LDAP. The architecture will be expanded further to address key use cases such as Guest access and management, BYOD (device registration and supplicant provisioning), MDM policy integration, and 802.1AE (MacSec). Visibility and pervasive policy enforcement through VLANs, ACLs, and Security Group Access (SGA) will also be discussed. This session is intended for Network, Security and Systems Administrators, Engineers, and Managers that need to implement the next generation Unified Access Network.