My company is in the very early stages of an MDM BYOD project. As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece. I am about half way through my testing and I thought that I would pass on some of what I have learned so far. I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.
ISE is an excellent NAC system but it does much more than that. One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI. The main reason we are interested in ISE is as the enforcement point on our wireless network. When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal. If the device is registered with MDM ISE will then query AD and verify the user credentials. This is a core function of ISE and went fairly well. Read More »
Tags: byod, Cisco Identity Service Engine (ISE), MDM, NAC
Secure access continues to be paramount for a connected world. People connect to the Internet for business and for personal use, from wired, wireless or mobile devices—locally and remotely. The Internet is a global system of interconnected networks. User devices, the Internet, and all computer networks are the target of a growing number of increasingly complex security threats. Let’s take a look at some recent trends from the Cisco Connected World Technology Report that speaks to the need for secure access:
- Three devices is the average per end user with the desire or mandate to work anywhere and anytime—how do we ensure control of all these devices?
- 71 percent of the next generation workforce will not obey the policies—how do we enforce policy?
- 60 percent will not be responsible for protecting corporate information and devices—how do we protect sensitive data?
- Mobile malware is growing; Android malware grew over 2000% from 2012 but is only 1% of the web malware encounter—how do we ensure secure connection from your mobile device and with web intensive users Read More »
Tags: cisco annual security report, Cisco Identity Service Engine (ISE), cisco live london 2013, Gartner Magic Quadrant, ISE, MDM, NAC, secure BYOD, security policy
It is so critical that we make it easier for people to get on and off the network in a secure fashion. Cisco has made incredible strides merging access control platforms that have done well over the years yet still required heavier configuration and/or manual intervention. Not any longer…The Cisco Identity Services Engine or ISE, is a game changer that has already been well received by the market and yet just keeps improving.
We featured the ISE in one of our Fundamentals animations but felt like even more could be done, especially in light of new wireless only pricing recently rolled out. This is a great step forward for a business looking to make incremental steps potentially starting now in an area that is always in need of improvement, guest access.
Read More »
Tags: aruba, borderless, byod, cleanair, identity services, iPad, iphone, ISE, management, mobility, NAC, Profiler, TechWiseTV, wireless
This post is the first in a new series we’ll be featuring called Your Questions: Answered. In this series, we track down the answers to partners’ toughest technical questions. You can submit your questions here, post on the Cisco Channels Facebook page, or drop us a note on Twitter.
When Cisco recently introduced the Identity Services Engine (ISE), you likely started fielding questions, with many customers concerned about whether Cisco Network Admission Control (NAC) and Cisco Access Control System (ACS) will cease to be supported or become end-of-life. (Kind of like how I felt when the iPhone 4 came out and I was stuck with the iPhone 3G).
To help you address customer questions, I went out looking for answers on what’s up with ISE, NAC, and ACS. First up, a little about ISE: It has similar functionality to NAC and ACS, combining the functionality of those two existing products onto a new platform. Your customers can gather information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network, create and enforce consistent policy from the head office to the branch office, and combine authentication, authorization, and accounting (AAA), posture, profiling, and guest management with this single product. And that’s just the beginning--I’ll share details on how to find out more about ISE later in this blog.
Back to the issue at hand — I chatted with Brian Sak, Cisco’s Consulting Systems Engineer and expert on Borderless Networks Security products. He filled me in on the most frequently asked questions that he’s been getting from partners around ISE.
Are NAC and ACS being replaced by ISE?
No, both NAC and ACS have ongoing roadmaps, developments, and new releases planned. If ISE does not meet your customer’s current needs, your customers can still use NAC or ACS. Cisco will not stop innovations on NAC and ACS anytime in the near future.
Should I encourage my NAC and ACS customers to migrate to ISE now?
The answer varies based on your customers and their requirements. Check out this handy chart in the Partner Community Discussion Forum (log in required) to help you determine if ISE is the right fit, right now for your customers.
Read More »
Tags: Access Control System, ACS, Cisco, FAQ, Guest Server, Identity Services Engine, ISE, NAC, Network Admission Control, partners, Posture, Profiler, SGT