Practical Deployment of Cisco Identity Services Engine (ISE) - 1st Edition - ISBN: 9780128044575, 9780128045046

Practical Deployment of Cisco Identity Services Engine (ISE)

1st Edition

Real-World Examples of AAA Deployments

Authors: Andy Richter Jeremy Wood
eBook ISBN: 9780128045046
Paperback ISBN: 9780128044575
Imprint: Syngress
Published Date: 26th November 2015
Page Count: 298
Tax/VAT will be calculated at check-out Price includes VAT (GST)
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
69.95
48.97
48.97
48.97
48.97
48.97
55.96
55.96
42.99
30.09
30.09
30.09
30.09
30.09
34.39
34.39
50.95
35.66
35.66
35.66
35.66
35.66
40.76
40.76
Unavailable
Price includes VAT (GST)
× DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

With the proliferation of mobile devices and bring-your-own-devices (BYOD) within enterprise networks, the boundaries of where the network begins and ends have been blurred. Cisco Identity Services Engine (ISE) is the leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks. In Practical Deployment of Cisco Identity Services Engine (ISE), Andy Richter and Jeremy Wood share their expertise from dozens of real-world implementations of ISE and the methods they have used for optimizing ISE in a wide range of environments.

ISE can be difficult, requiring a team of security and network professionals, with the knowledge of many different specialties. Practical Deployment of Cisco Identity Services Engine (ISE) shows you how to deploy ISE with the necessary integration across multiple different technologies required to make ISE work like a system. Andy Richter and Jeremy Wood explain end-to-end how to make the system work in the real world, giving you the benefit of their ISE expertise, as well as all the required ancillary technologies and configurations to make ISE work.

Readership

Infosec professionals and consultants, IT security analysts, engineers, architects, network administrators, and security leads who are charged with deploying Cisco ISE and those who want to extend and optimize their current deployment.

Table of Contents

  • Acknowledgments
  • Chapter 1: Introduction
    • Abstract
  • Chapter 2: ISE Clustering and Basic Setup
    • Abstract
    • Introduction
    • Sizing and preparation
    • Server/node deployment
    • Certificates
    • Cluster configuration
    • Replication optimization
    • Licensing
    • Patching
    • Backups
    • Active directory
  • Chapter 3: Authentication Methods
    • Abstract
  • Chapter 4: Policy Elements
    • Abstract
    • Breakdown of compound condition
  • Chapter 5: Authentication
    • Abstract
  • Chapter 6: Authorization
    • Abstract
  • Chapter 7: Network Access Device Configuration
    • Abstract
    • Wired
    • Wireless
  • Chapter 8: ISE Profiling
    • Abstract
    • Introduction
    • Setting up profiling
    • Profiling basics
    • Profiling custom devices
    • Example AuthZ
    • Device example—iPhone
  • Chapter 9: ISE Portals and Guest Access
    • Abstract
    • Introduction
    • Portal overview
    • Guest portal types
    • Guest types
    • Sponsor setup
    • Device portals
    • Global guest settings
    • Making portal modifications
    • Scenarios
  • Chapter 10: Deployment Strategies
    • Abstract
    • Wireless
  • Chapter 11: ISE Policy Design Practices
    • Abstract
  • Chapter 12: Corporate Authentication Designs
    • Abstract
    • PEAP machine-only authentication
  • Chapter 13: BYOD Designs
    • Abstract
    • User PEAP
    • BYOD EAP-TLS
    • Web authentication for BYOD access
  • Chapter 14: ISE Posture Assessment
    • Abstract
    • Introduction
    • Posture basics
    • Required AuthZ components
    • Client provisioning
    • Posture rules
    • Conditions
    • Remediation
    • Requirements
    • Posture policy
    • Examples
  • Chapter 15: VPN Integrations
    • Abstract
    • Posture
  • Chapter 16: ISE Reporting and Logging
    • Abstract
    • Introduction
    • Reporting
    • Logging
    • Monitoring
    • Examples
  • Chapter 17: ISE CLI
    • Abstract
    • Introduction
    • ADE-OS—what is it?
    • Manipulating output
    • Show commands
    • Logging
    • Changing time zones
    • Application commands
    • Other tools
    • Examples
  • Chapter 18: ISE Administration
    • Abstract
    • Authenticating to ISE
    • RBAC
    • API
    • Monitoring REST API
    • External RESTful API
    • pxGrid
  • Subject Index

Details

No. of pages:
298
Language:
English
Copyright:
© Syngress 2016
Published:
Imprint:
Syngress
eBook ISBN:
9780128045046
Paperback ISBN:
9780128044575

About the Author

Andy Richter

Andy Richter is an information security consultant with years in the field. He is one of the leading experts in implementing and configuring ISE successfully in many enterprises and environments and has been providing clients with his expertise on Cisco ISE since the launch of the product.

Affiliations and Expertise

Principle Network Security Engineer, Presidio Networked Solutions

Jeremy Wood

Jeremy Wood is the Security and Data Center Engineer at Norwich University in Northfield, VT. He has been with the university since graduation in 2007 and holds a BS in Computer Security and Information Assurance. He is responsible for the university's Cisco NAC and current ISE environments, including all wired, wireless and VPN connectivity.

Affiliations and Expertise

Network Engineer, Presidio Networked Solutions