« back to news

Cisco ISE Enterprise and Security v3

Date
April 2020

Overview

Connect your local Cisco Access Point (AP) to the 9800 Wireless Controller and Cisco Identity Services Engine (ISE) in dCloud to demonstrate secure wireless access with 802.1X, Guest, and BYOD!

About Identity Services Engine (ISE)

The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. ISE gives you intelligent, integrated protection through intent-based policy and compliance solutions. And it is all delivered with streamlined, centralized management that lets you scale securely in today’s market.

About Catalyst 9800

With business-critical applications running on billions of wireless devices, your users need a wireless network that is always on, secure, and flexible. The Cisco Catalyst 9800 Series Wireless Controllers combine the best of RF excellence with IOS XE benefits. These are the industry’s most reliable and highly secure controllers, ready to deploy anywhere–including the cloud of your choice. They provide operational ease and save time and money.

About Stealthwatch

Stealthwatch has been added to provide you visibility into the network activity of devices and active associated users in the demo environment through integration with the session network infrastructure and ISE via pxGrid. This gives you the ability to show display application and encryption details provided by NBAR2 and ETA features of network hardware as well as identity and SGT information.

What’s New

  • Updated ISE 2.7 patch 1 to give access to more guest features (not in a scenario) and to fix issues for BYOD for iPadOS and Android EST.
  • Moved from IP based ACLs to using Scalable group tags (SGTs) for differentiated access with a CSR1kv.
  • Added Stealthwatch to enable pxGrid Context sharing.
  • Documentation moved to new platform.

Scenarios

Guest Access Management

  • Scenario 1: Guest Internet Access with Hotspot
  • Scenario 2: Self-Registered Guest Access with Sponsor Approval
  • Scenario 3: Sponsored Guest Access

Device Onboarding and Management

  • Scenario 1: Device Onboarding for BYOD
  • Scenario 2: Device Management
  • Scenario 3: Stealthwatch

Secure Access

  • Scenario 1: Secure Access (802.1x) Differentiated Access

Resources