You are here
SEC0331 - ISE 3.0 Device Profiling and MAB (Part 1)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video introduces you to the concept of device profiling and profiling policy on Cisco ISE 3.0. We will explain different type of probes, and how endpoints get classified, build a policy set, allow endpoint to authenticate using MAC Authentication Bypass (MAB), and enforce Downloadable ACL (DACL). You will learn about Logical Device profile and basic policy structure.
Part 1 of this video covers probes and AD integration
Topic:
- Device Profiling
- Type of Probes
- External Identity Source (AD Integration)
- Network Devices
- Endpoint Classification
- NMAP Scan
-
Policy Element
- Profiler Conditions
- Allowed Protocols
- Profiling Policy
- Logical Profile
-
Policy Set
- Authentication Rules
- MAC Authentication Bypass
- Authorization Rules
- Downloadable ACL
- Authorization Profile
- Endpoint Identity Group
- MAC Address Whitelist
- Reports