Chapter 4. Extending Network Access with ISE
In Chapter 2, “Basic Network Access Control,” we discussed 802.1X and MAC Authentication Bypass (MAB) and how to configure ISE and the network devices for it. As you probably realized, choice of authentication method depends on the endpoints being authenticated. On one side, classic enterprise-owned devices such as laptops and desktops support and can be easily configured for 802.1X. For a large enterprise, configuring thousands of devices using Active Directory Group Policy Objects (GPOs) is very easy. On the other side, common unmanaged devices such as printers and IP Phones can be granted access with MAB based on profiling results.
Unfortunately for network administrators, modern networks are no ...
Get Integrated Security Technologies and Solutions - Volume II: Cisco Security Solutions for Network Access Control, Segmentation, Context Sharing, Secure Connectivity and Virtualization, First Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
