Cisco Blogs

Cisco Blog > Perspectives

#CiscoChampion Radio S2|Ep 23. Cisco Hosted Identity Services

CiscoChampion200PXbadge#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’ll be talking about Cisco Hosted Identity Services with Cisco Lead Architect Eric Eddy.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.
Ask about the next round of Cisco Champions nominations. EMAIL US.

Cisco SME
Eric Eddy, Lead Architect for Cisco Hosted Identity Services

Cisco Champion Guest Host
Josh Warcop, @Warcop, Senior Consultant

Brian Remmel (@bremmel) Read More »

Tags: , , , ,

Why Isn’t It Easier to Customize Enterprise Mobility and Guest Portals?

Enterprises use Cisco ISE for securely granting access to visitors and on-boarding employee-owned devices over Wi-Fi. Portals for users to gain access are becoming more advanced, and the next step is for most customers to create a richer customized experience to:

Promote your brand to guests


Read More »

Tags: , , ,

Using Cisco ISE Data to Drive Enhanced Event Visibility in Splunk

Cisco Identity Services Engine (ISE) is commonly associated with use as a network access policy, BYOD and AAA platform. But to do its job in network policy, ISE collects a great breadth of telemetry about network users and devices. Whether a device is trying to access the network or is already connected, ISE knows specifics about:

  • What the device type is (e.g., iPad Air 2 running iOS 8.1.2)
  • How it is connected to the network (e.g., enterprise Wi-Fi)
  • From where (e.g., access point in “California/SanDiego/Building 2/Floor 3/South”)
  • Security and compliance posture of the device (e.g., Antimalware operating and up to date? PIN lock configured?)
  • Who the user is on the device…or if it even has a user (e.g., printer)
  • What policy and AD/LDAP group the user belongs to (e.g., “IT Admin” authorization group)
  • Related session IP address and MAC address

While ISE primarily uses all this telemetry to establish network policies, it also shares it for use by other IT platforms. By doing so, ISE helps these platforms become more identity and device aware and thus more effective in a variety of ways. And this is where Splunk comes in.

Read More »

Tags: , , , ,

Cisco ISE 1.3: Welcomed Improvements

I’ve finally had a chance to stop and smell the roses. The roses being Cisco ISE 1.3 that is. It’s been a much anticipated update to Cisco’s core TrustSec component and there are a number of improvements, many dealing with Guest users. So what has Cisco done to improve? Let’s look at 5 areas related to Guest access:

1.     End-User Web Portals
2.     Notifications
3.     Guest Portals
4.     Sponsor Portals
5.     Non-Guest Portals

End-User Web Portals

One of the new features that I really like is how the interface has been modified to centralize the portal configuration tasks and customization into a single location. The first thing you notice when you navigate to Configure Guest Access and Sponsor Access is that the interface is designed to make life easy. Three steps to Guest Access are overviewed and each step is clearly identified. We don’t usually find this information in the user interface. Normally we’re looking for this in an End User Guide or a Lab Guide for one of the courses I teach. So, in my opinion, this is a fresh new approach to making a complex device like ISE much easier to use.


Read More »

Tags: , ,

Extending control and advanced threat protection for web security

Today the web is a favorite vector for threat actors to launch their attacks. According to the Cisco 2014 Midyear Security Report, More than 90 percent of customer networks observed in the first half of 2014 were identified as having traffic going to websites that host malware. More recently, Talos uncovered a massive malvertising network known as Kyle and Stan. Some 31,151 connections were observed to the network’s 6,491 domains.

In an effort to continue offering the most comprehensive protection to our customers, today we are announcing several important new features and expanded threat protection for the Cisco Web Security Appliance (WSA).

Read More »

Tags: , , , , , , , , ,