View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

eps

Quick Tip: ISE 2.x Unquarantine EPS Endpoint

Since Cisco announced an intention to unify software version across routing and switch platforms, we have already seen the first software release of Denali 16.1 on Cisco IOS XE switches. Subsequently, Cisco has also released the first common software version between router and switch with Denali 16.2.1. While you can upgrade a switch as you normally would, upgrading a router requires a closer attention. In this article, we will show you how to upgrade an ISR 4000 to Denali 16.2.1. We will be using ISR 4321 running IOS XE 3.6.

SEC0223 - ISE 2.0 Adaptive Network Control (ANC) (Part 2)

The video looks at Adaptive Network Control (ANC) feature on Cisco ISE 2.0 and how it can be used to quarantine endpoint devices similarly to its legacy feature called Endpoint Protection Service (EPS). This lab exercise includes creating and testing ANC policies with various type of actions. At the end, we will demonstrate the use of SGT with ANC to leverage SGACL to limit quarantined device network access.
Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0

SEC0223 - ISE 2.0 Adaptive Network Control (ANC) (Part 1)

The video looks at Adaptive Network Control (ANC) feature on Cisco ISE 2.0 and how it can be used to quarantine endpoint devices similarly to its legacy feature called Endpoint Protection Service (EPS). This lab exercise includes creating and testing ANC policies with various type of actions. At the end, we will demonstrate the use of SGT with ANC to leverage SGACL to limit quarantined device network access.
Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0

SEC0110 - ISE 1.2 Endpoint Protection Service (EPS) (Part 2)

The video demonstrates the use of Endpoint Protection Service (EPS) on Cisco ISE 1.2 to quarantine undesired endpoints. Unlike manually removing an endpoint from the network by shutting down port and the endpoint can potentially be moved to a different port to regain access, although ISE also allow you to exactly this by issuing a port-shutdown CoA, placing host MAC address or IP into EPS quarantine ensures the endpoint remains denied from the network regardless of its point to attachment. A policy can be created to block endpoint traffic by ACL or/and placing them into a unusable VLAN.

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
3

SEC0110 - ISE 1.2 Endpoint Protection Service (EPS) (Part 1)

The video demonstrates the use of Endpoint Protection Service (EPS) on Cisco ISE 1.2 to quarantine undesired endpoints. Unlike manually removing an endpoint from the network by shutting down port and the endpoint can potentially be moved to a different port to regain access, although ISE also allow you to exactly this by issuing a port-shutdown CoA, placing host MAC address or IP into EPS quarantine ensures the endpoint remains denied from the network regardless of its point to attachment. A policy can be created to block endpoint traffic by ACL or/and placing them into a unusable VLAN.

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0
Subscribe to RSS - eps

Lab Minutes Classifieds