SEC0331 - ISE 3.0 Device Profiling and MAB (Part 2)
Category:
Security
The video introduces you to the concept of device profiling and profiling policy on Cisco ISE 3.0. We explain the different types of probes and how endpoints get classified, build a policy set, allow endpoints to authenticate using MAC Authentication Bypass (MAB), and enforce a Downloadable ACL (DACL). You will learn about Logical Device profile and basic policy structure.
Part 2 of this video covers Endpoint Classification and Policy Elements.
Topic:
- Device Profiling
- Type of Probes
- External Identity Source (AD Integration)
- Network Devices
- Endpoint Classification
- NMAP Scan
- Policy Element
- Profiler Conditions
- Allowed Protocols
- Profiling Policy
- Logical Profile
- Policy Set
- Authentication Rules
- MAC Authentication Bypass
- Authorization Rules
- Downloadable ACL
- Authorization Profile
- Endpoint Identity Group
- MAC Address Whitelist
- Reports
4 comments
AD Join Store Credentials
Hi Metha,
I always wondered why you say that the "Store Credentials" is required to allow AD Probes to function. I have never stored AD credentials and my AD probes always work fine. If you look at the tool tip for "Store Credentials" it says that this is a convenience feature that will henceforth apply the same credential to all subsequent ISE nodes that join this domain. Which is a handy feature especially when adding new nodes to the deployment. They get "auto joined". Of course, one should use a service account for this where the credentials never change. But it has nothing to do with the AD probe itself.
AD Join Store Credentials
Thank you for your feedback. We checked on this and you are correct. It should have been said as Endpoint Probe, which requires Store Credential, instead of AD Probe. AD Probe should work once ISE is joined to AD.
AD Join Store Credentials
Hi Metha. What do you mean by an 'Endpoint Probe' and how does that differ from the AD Probe?
AD Join Store Credentials
The Endpoint probe is for checking if the endpoint is still connected as part of the EasyConnect feature.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/pic_admin_guide/P...