Save up to 30% on Elsevier print and eBooks with free shipping. No promo code needed.
Save up to 30% on print and eBooks.
Practical Deployment of Cisco Identity Services Engine (ISE)
Real-World Examples of AAA Deployments
1st Edition - November 12, 2015
Authors: Andy Richter, Jeremy Wood
Language: English
Paperback ISBN:9780128044575
9 7 8 - 0 - 1 2 - 8 0 4 4 5 7 - 5
eBook ISBN:9780128045046
9 7 8 - 0 - 1 2 - 8 0 4 5 0 4 - 6
With the proliferation of mobile devices and bring-your-own-devices (BYOD) within enterprise networks, the boundaries of where the network begins and ends have been blurred. Ci…Read more
Purchase options
LIMITED OFFER
Save 50% on book bundles
Immediately download your ebook while waiting for your print delivery. No promo code is needed.
With the proliferation of mobile devices and bring-your-own-devices (BYOD) within enterprise networks, the boundaries of where the network begins and ends have been blurred. Cisco Identity Services Engine (ISE) is the leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks. In Practical Deployment of Cisco Identity Services Engine (ISE), Andy Richter and Jeremy Wood share their expertise from dozens of real-world implementations of ISE and the methods they have used for optimizing ISE in a wide range of environments.
ISE can be difficult, requiring a team of security and network professionals, with the knowledge of many different specialties. Practical Deployment of Cisco Identity Services Engine (ISE) shows you how to deploy ISE with the necessary integration across multiple different technologies required to make ISE work like a system. Andy Richter and Jeremy Wood explain end-to-end how to make the system work in the real world, giving you the benefit of their ISE expertise, as well as all the required ancillary technologies and configurations to make ISE work.
Infosec professionals and consultants, IT security analysts, engineers, architects, network administrators, and security leads who are charged with deploying Cisco ISE and those who want to extend and optimize their current deployment.
Acknowledgments
Chapter 1: Introduction
Abstract
Chapter 2: ISE Clustering and Basic Setup
Abstract
Introduction
Sizing and preparation
Server/node deployment
Certificates
Cluster configuration
Replication optimization
Licensing
Patching
Backups
Active directory
Chapter 3: Authentication Methods
Abstract
Chapter 4: Policy Elements
Abstract
Breakdown of compound condition
Chapter 5: Authentication
Abstract
Chapter 6: Authorization
Abstract
Chapter 7: Network Access Device Configuration
Abstract
Wired
Wireless
Chapter 8: ISE Profiling
Abstract
Introduction
Setting up profiling
Profiling basics
Profiling custom devices
Example AuthZ
Device example—iPhone
Chapter 9: ISE Portals and Guest Access
Abstract
Introduction
Portal overview
Guest portal types
Guest types
Sponsor setup
Device portals
Global guest settings
Making portal modifications
Scenarios
Chapter 10: Deployment Strategies
Abstract
Wireless
Chapter 11: ISE Policy Design Practices
Abstract
Chapter 12: Corporate Authentication Designs
Abstract
PEAP machine-only authentication
Chapter 13: BYOD Designs
Abstract
User PEAP
BYOD EAP-TLS
Web authentication for BYOD access
Chapter 14: ISE Posture Assessment
Abstract
Introduction
Posture basics
Required AuthZ components
Client provisioning
Posture rules
Conditions
Remediation
Requirements
Posture policy
Examples
Chapter 15: VPN Integrations
Abstract
Posture
Chapter 16: ISE Reporting and Logging
Abstract
Introduction
Reporting
Logging
Monitoring
Examples
Chapter 17: ISE CLI
Abstract
Introduction
ADE-OS—what is it?
Manipulating output
Show commands
Logging
Changing time zones
Application commands
Other tools
Examples
Chapter 18: ISE Administration
Abstract
Authenticating to ISE
RBAC
API
Monitoring REST API
External RESTful API
pxGrid
Subject Index
No. of pages: 298
Language: English
Edition: 1
Published: November 12, 2015
Imprint: Syngress
Paperback ISBN: 9780128044575
eBook ISBN: 9780128045046
AR
Andy Richter
Andy Richter is an information security consultant with years in the field. He is one of the leading experts in implementing and configuring ISE successfully in many enterprises and environments and has been providing clients with his expertise on Cisco ISE since the launch of the product.
Jeremy Wood is the Security and Data Center Engineer at Norwich University in Northfield, VT. He has been with the university since graduation in 2007 and holds a BS in Computer Security and Information Assurance. He is responsible for the university's Cisco NAC and current ISE environments, including all wired, wireless and VPN connectivity.
Affiliations and expertise
Network Engineer, Presidio Networked Solutions
Read Practical Deployment of Cisco Identity Services Engine (ISE) on ScienceDirect