How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We are resellers. We provide and deploy solutions for our customers. Cisco ISE (Identity Services Engine) helps the operation to automate.
I am a reseller. I provide solutions to our customers. We used Cisco ISE for Wi-Fi implementation for one project at the International Airport.
The solution is primarily used for authentification purposes.
My clients are small to enterprise-size companies using this networking solution. One of my clients is a leading pharmaceutical manufacturing company, providing genetic medicine. The network they have has approximately 5,000 device inventory. Additionally, I have a couple of clients in the banking industry in the USA that has quite a large networking infrastructure using this solution.
This solution ties into our Cisco Duo and Cisco AnyConnect connections to help us authenticate against the active directory and Cisco Duo multifactor authentication. It takes metrics about the connections that are connecting it and allows us to set up a rule against them. For instance, if a Windows device is not all the way up to date, we can put a message up that says, "Before you're able to connect, please do your Windows updates as they haven't been done in six months." As this solution allows AnyConnect to authenticate with the active directory in the backend, the users won't directly use it. Still, it will be in use throughout the login process into Cisco AnyConnect as a source of authentication. With this solution, we don't require anyone for maintenance.
Our use cases are based around dot1x. Basically wired and wireless authentication, authorization, and accounting. In terms of administration, only our networking team uses this solution. Probably five to ten administrators manage the whole product. Their role pretty much is to make sure that we configure the use cases that we use ISE for — pretty much for authenticating users to the wired and wireless networks. We might have certain other advanced use cases depending on certain other business requirements, but their job is pretty much to make sure all the use cases work. If there are issues, if users are complaining, they log into ISE to troubleshoot those issues and have a look at the logs. They basically expand ISE to the rest of the network. There is ongoing activity there as well. The usage is administrative in nature, making sure the configurations are okay, deploying new use cases, and troubleshooting issues.
We use ISE for security group tagging in terms of guests and visitors who access the network to make sure that they actually go through this to control their privilege access to ensure they don't actually access the internal network, etc. Our clients use ISE as a form of security policy management so that users and devices between the wired, wireless, and VPN connections to the corporate network, can be managed accordingly. Take a house for example. Sometimes you need to access a room via a certain keyhole, so you use a key that is unique to that door. With ISE, you can segment this process in terms of policy management based on the security tag. You actually grant the user access based on the tagging. That's the IT trend — saving a lot on operating costs to manage the different users and access methods. Within our company, we have roughly 200 employees using this solution.
The primary use case is to have network access control and automation to integrate with the enterprise network. It also helps provide a method to make segmentations between users and enable access control.
We primarily use the solution for user authentication and wireless segmentation of users for actual radius purposes.
Mainly the use case of the solution is for ensuring that the corporate staff gets access to their authorized systems. Another use case is for contractors to get access to the authorized systems. Those are the ones that hope to assist in the maintenance or for authorized admissions to the network. We do also use it for remote access, for example, VPN's and also for wired and wireless access to the network.
We are a solution provider and we provide Cisco products, including ISE, to our customers. This product is used to facilitate the connection of a local network to wireless access. This allows us to restrict users and their access.
The company implemented the solution to keep track of wired and wireless devices.
One of the use cases was the certificate-based authentication for the endpoints. All the laptops and mobiles are embedded with certificates and once they get authenticated, then only they would be able to connect to the LAN. The other use case was the NAC use case wherein the integrity of the laptops and mobile and such were checked before the scan. They fulfill the policy requirements and then they are able to connect to the network. The third use case was the consolidated access control management for all the network devices and security devices.
We are a system integrator and Cisco ISE is one of the products that we sell and implement at our customers side. I have built ISE's POC and provided training to our customers. I also used real rent lab which was including; Active Directory integration, network access and core switches, access points, wireless access controller, and end points. (some end points have cisco client - anyconnect, and have not), and Web Server for creating wireless authentication portal solution end to end The AAA features were awesome and have important attributes, and also the security groups (SGTs) concept to enforce policies for each group of users, regardless they coming via wired or wireless network devices. also i see the guest authentication is very rich and easy tom implement
We have two servers and they're both VMs. Every network system is issued a certificate and each device coming onto the network has to be on the domain with an active AD user logging into it. It needs an up-to-date AMP, which is our Cisco malware and virus scan product and it also needs to have the most current Microsoft security updates and the three layers that we're using: The core VPN, the Network Access Manager and the ISE profiler. When it goes through all those different things on every port on the switch, there are commands for it to be able to go through an ACL so it knows what users are there, what server, and what devices have been put onto the domain. It can verify all that. The user can then proceed on to the network. We've set it so that regular users are VLAN'd off and can only see the data network through ISE and are blocked from seeing the rest of the network. Depending on the department needs or other factors, we have cameras for security which are on a different VLAN, and they can see those. We also have something for O&M where the AC guy can see the AC equipment, and we can prevent all the VLAN's from being viewed by everybody. We are customers of Cisco and I'm the infrastructure and Cyber security manager.
We use Cisco ISE for 802.1 network authentication.
We use this solution to provide wireless for our residence halls and guest networks. We're also a college that works primarily off of iPads, so we have to be able to keep resident hall activity off of the network so that students can do their homework and class activities. We use the Services Engine to authorize all of them.
We primarily use the solution for network admission control.
We use this solution to monitor and secure devices on our network.
We use Cisco ISE for network management, user access for enterprise clients, and advanced firewall support. We use Cisco ISE on domains and clients jointly with other network software utilities.
Our primary use case is to grant access to users, we deploy the bring your own device policy.
We are a reseller of Cisco ISE.
We use this solution to protect the network especially when someone brings their own device and to lock out access to anybody connecting to the network. Also to make sure that the people connect to the correct VLAN. So, mainly for security wifi access so that when people want to connect to our wifi they have to log in using their credentials.
Our company doesn't use Cisco ISE internally. We act as the solution reseller. Our business model is set up to provide a network-based approach for adaptable, trusted access to our clients. We provide our clients with intelligent, integrated protection through intent-based policy and compliance solutions.
It's a network access manager.
My primary use case for this solution is as a server for my networking devices.
We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.
We use it to aid the tools that we make and to sponsor and get flow.
My primary use case of this solution is for access control for authentication and for the authorization of wireless users.
My primary use case of this solution is to protect the website from web attacks.
Which is better and why?
Let the community know what you think. Share your opinions now!