Chapter 3. Beyond Basic Network Access Control
The previous chapter, “Basic Network Access Control,” focused on network access authentication, authorization, and accounting (AAA), the process of validating who and what is allowed to access the network before providing that access. Within that scope, Chapter 2 focused on access controls for strong identities with 802.1X, as well as how to use MAC Authentication Bypass (MAB) to deal with the devices that do not have a (configured) supplicant.
For all authentication mechanisms, the authorization decision can include many different attributes, including the attributes of the endpoint type that is connecting to the network.
Besides the active authentication with 802.1X that ISE is well known for, ...
Get Integrated Security Technologies and Solutions - Volume II: Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization, First Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
