Cisco ISE is a comprehensive solution that provides authentication, authorization, and accounting (AAA) services, as well as posture, profiling, and guest access features. These are some of the key features that differentiate Cisco ISE from other RADIUS and NAC products in the market.
Ability to authenticate and authorize users and endpoints: Cisco ISE supports various authentication methods and protocols, such as 802.1X, MAB, WebAuth, EAP, PEAP, EAP-TLS, and TEAP. Cisco ISE also integrates with various identity sources, such as Active Directory, LDAP, RADIUS, SAML, and Azure AD. Cisco ISE can enforce granular and dynamic policies based on the identity and context of the users and endpoints, such as device type, location, posture, and time. Cisco ISE can also leverage TrustSec and SGTs to provide software-defined segmentation and micro-segmentation12.
BYOD provides auto configuration of endpoints: Cisco ISE supports BYOD (Bring Your Own Device) scenarios, where users can register and onboard their personal devices to the network. Cisco ISE provides a self-service portal and a native supplicant provisioning tool that can automatically configure the endpoints with the required certificates, profiles, and settings. Cisco ISE can also apply different policies for corporate and personal devices, and integrate with MDM (Mobile Device Management) solutions to enforce compliance and security34.
Guest access and guest lifecycle management functionality: Cisco ISE provides a comprehensive guest access solution that allows administrators and sponsors to create and manage guest accounts, and assign different access levels and privileges to guests. Cisco ISE also provides a customizable guest portal that can support various authentication methods, such as social media login, SMS, email, or self-registration. Cisco ISE can also monitor and audit the guest activities and sessions, and enforce expiration and revocation policies .
References:
: Cisco ISE Features - Cisco
: Cisco TrustSec Configuration Guide, Cisco IOS XE Gibraltar 16.12.x - TrustSec Overview [Cisco IOS XE 16] - Cisco
: Cisco Identity Services Engine Administrator Guide, Release 2.7 - BYOD [Cisco Identity Services Engine] - Cisco
: Cisco Identity Services Engine Administrator Guide, Release 2.7 - Mobile Device Management [Cisco Identity Services Engine] - Cisco
: [Cisco Identity Services Engine Administrator Guide, Release 2.7 - Guest Access [Cisco Identity Services Engine] - Cisco]
: [Cisco Identity Services Engine Administrator Guide, Release 2.7 - Guest Lifecycle Management [Cisco Identity Services Engine] - Cisco]
