You are here
SEC0217 - ISE 2.0 TrustSec - SGT Assignment (Part 2)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video shows you how to create and assign Security Group Tag (SGT) to endpoints on Cisco ISE 2.0. We will configure dynamic SGT assignment as part of a successful 802.1X authentication as well as static assignment for devices or resources that do not participate in 802.1X. At the end of this lab, all entities that either need access or be accessed within a TrustSec domain will have SGT assigned.
Part 2 of this video covers switch 802.1X configuration and SGT assignment testing
Topic:
- SGT Creation (Manual, System Assigned, Auto)
- SGT Group Mapping
- SGT-to-IP Mapping
- SGT Assignment (Dynamic and Static)
- Authorization Policy
- 802.1X Authentication
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
1 comments
SGT Validation: NetFlow Configuration
Metha, would you mind sharing the NetFlow config so that we can properly validate the SGT mappings when we ping and run traffic through the devices?