There is a constant evolution of security technologies and also Security threats, which makes the need for additional and enhanced visibility of the network. Cisco keeps on improving its Security portfolio, and this time I’m looking more closely at the Cisco Identity Services Engine. At a first glance, to me it looked like just an 802.1x solution with very complicated features.
I decided that I wanted to get more involved, and I have been working with the product for the last month in a more serious note this time, trying to understand the product I decided to make a list with important Features that are packed into the solution
What can Cisco ISE do?
The following is a short list of all the new enhancements on version 2.2 –> for more information follow the link
Ability to Detect Anomalous Behavior of Endpoints
Cisco ISE protects your network from the illegitimate use of a MAC address by detecting the endpoints involved in MAC address spoofing and allows you to restrict the permission of the suspicious endpoints.
ACS to ISE migration Tool Enhancements
Context Visibility Enhancements
User-based views have been added
Endpoint Identity Groups in Posture Policy
You can create posture policies based on the endpoint identity groups. The endpoint identity groups are listed in the Identity Groups column in the Posture Policy page
Wireless Setup
ISE 2.2 provides a very intuitive workflow to quickly set up common wireless use cases, such as, 802.1X, Guest, BYOD. In just a few steps, the setup workflow configures both ISE and a Cisco wireless controller, for a working end-to-end flow
A nice video about this last feature can be found here from Katherine McNamara
[youtube https://www.youtube.com/watch?v=wBlqpYz0A4g?rel=0&w=1280&h=720]
What to look forward to?
ISE keeps on improving usability and the ability to perform multiple things in your network. Expect a bit more coming from me in the next few weeks and months as I get more and more information about this solution
About the Author:
Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.