My company is in the very early stages of an MDM BYOD project. As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece. I am about half way through my testing and I thought that I would pass on some of what I have learned so far. I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.
ISE is an excellent NAC system but it does much more than that. One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI. The main reason we are interested in ISE is as the enforcement point on our wireless network. When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal. If the device is registered with MDM ISE will then query AD and verify the user credentials. This is a core function of ISE and went fairly well. Read More »
Tags: #ciscochampion, byod, Cisco Identity Service Engine (ISE), MDM, NAC
The other week I found myself chatting with a fellow healthcare (and Cisco) enthusiast on Twitter about alternative medicine and I experienced an Aha! moment – alternative medicine may soon have an entirely new face if it’s driven by consumer adoption of advanced (and in many cases, currently available) technologies.
Let me explain. I recently wrote a post about the true price of affordable healthcare, which focused on the innovative technologies that will help make healthcare more efficient overall by incorporating dynamic monitoring techniques as a means of prophylactic care. When I wrote that post, I didn’t realize I was actually describing a new age of alternative medicine!
When most of us think of alternative medicine (myself included), we initially associate it with traditional homeopathic remedies and elements from Eastern medicine like acupuncture and herbal therapies. Read More »
Tags: #ciscochampion, healthcare, Internet of Everything, IoE, Isaac Naor
If you’re in an SMB company you might think of telepresence as a tool built for enterprise, something that would be nice to have for your small business but just out of reach. You’d be wrong.
Video conferencing solutions like Telepresence and even web-based technologies like WebEx are more affordable than ever, making them a viable option for SMBs.
Read my full article for a closer look!
Tags: #ciscochampion, collaboration, small business, smb, TelePresence
It didn’t take long, but soon after the Los Angeles Unified School District began their rollout of some 650,000 iPads to their students, they ran into some technical issues. Students in at least one of LAUSD’s high schools quickly discovered a way to bypass the security on the devices. Still in Phase 1 of the program, only 15,000 of the devices have been given to students, but already the District has suspended home use of the iPads due to the security issues. According to reports, LAUSD had been using software that “lets school district officials know where the iPads are, and what the students are doing with them at all times. This software also lets the district block certain sites, such as social media favorites like Facebook.” There are now questions circulating around whether the LAUSD staff was well prepared for these devices and their implementation, and what is going to be done moving forward to continue the rollout and secure the iPads.
In my previous article I wrote about how educational staff need to be prepared to properly utilize iPads in their classroom. IT staff responsible for managing these iPads should also receive the proper training and preparation. What’s interesting to note here is that, at least in my experience, Apple’s stance on iPads in education is generally fairly hands-off. They recommend managing or locking down the iPads as little as possible. The idea here is that these are best served as single user devices and the best experience for the student is full ownership and manageability of the iPad out of the box. iPads aren’t meant to be used like a rolling cart of laptops going from room to room. They don’t support user profiles and managing or locking down the iPads introduces more complexity than is needed.
You want to protect the investment in these devices from theft, and prevent students from accessing inappropriate content, but if you are planning on allowing the students to take these devices home, you can only go so far. As evidenced from the LAUSD issue, students quickly discovered the iPads were so locked down they couldn’t use them at home, so they found a way to delete the configuration profiles which essentially removed any of the locks or restrictions on the iPad. Some students even went so far as to offer ‘unlocking’ service for $2. Quite the entrepreneurial spirit!
Now, it’s a daunting task for any IT department of any size to introduce over half a million new devices under your umbrella of responsibility. Add to this, that depending on the MDM solution chosen, each of these iPads have to be unboxed and configured before being handed to a student. Now, when something goes wrong they have to be collected, and reconfigured. It stands to reason that Phase 1 will remain a trial phase until some of these issues are worked out. Read More »
Tags: #ciscochampion, connected classroom, education, guest blogger, Internet of Everything, IoE, iPad, lausd
Dude, where’s my IP?
I love to check in on social networks like Foursquare and Google+. Most of the time, there’s no point to it, but it’s fun to see what friends and colleagues are up to or discover new local haunts. Despite the fun and games, location is much more important to the network than it appears. My physical location may have little or everything to do with my network location and there’s no reason for them to match exactly, but there are significant reasons to be more accurate.
Read More »
Tags: #ciscochampion, authentication, geo-location, geolocation, security, social networking