ISE

The video demonstrates SXP capability on Cisco ISE 2.0 to relay SGT between SXP-capable network devices. We will use WLC as SXP speaker, while ASA and switch as listeners and enforcers. The switch has SGACL implemented from the previous video and the ASA will leverage SGT in its ACL. We will also look at Static SXP Mapping.

The video attempts to implement SGT propagation across a WAN over FlexVPN. We will demonstrate capability of Cisco router in participating Cisco TrustSec including joining SGT trust domain, Network Device Authorization, SGT propagation, and enforcement. We will configure ZBFW to utilize source SGT in conjunction with ACL to restrict network access.

The video attempts to implement SGT propagation across a WAN over FlexVPN. We will demonstrate capability of Cisco router in participating Cisco TrustSec including joining SGT trust domain, Network Device Authorization, SGT propagation, and enforcement. We will configure ZBFW to utilize source SGT in conjunction with ACL to restrict network access.

The video attempts to implement SGT propagation across a WAN over FlexVPN. We will demonstrate capability of Cisco router in participating Cisco TrustSec including joining SGT trust domain, Network Device Authorization, SGT propagation, and enforcement. We will configure ZBFW to utilize source SGT in conjunction with ACL to restrict network access.

The video walks you through configuration of SGACL on Cisco ISE 2.0. Using the SGT created in the previous video, we will map them into SGACL matrix and apply appropriate access policy. We will configure a switch to download SGACL from ISE and have it act as our enforcement point (Network as a Enforcer). 

The video walks you through configuration of SGACL on Cisco ISE 2.0. Using the SGT created in the previous video, we will map them into SGACL matrix and apply appropriate access policy. We will configure a switch to download SGACL from ISE and have it act as our enforcement point (Network as a Enforcer). 

The video walks you through configuration of SGACL on Cisco ISE 2.0. Using the SGT created in the previous video, we will map them into SGACL matrix and apply appropriate access policy. We will configure a switch to download SGACL from ISE and have it act as our enforcement point (Network as a Enforcer). 

The video shows you how to create and assign Security Group Tag (SGT) to endpoints on Cisco ISE 2.0. We will configure dynamic SGT assignment as part of a successful 802.1X authentication as well as static assignment for devices or resources that do not participate in 802.1X. At the end of this lab, all entities that either need access or be accessed within a TrustSec domain will have SGT assigned.

The video shows you how to create and assign Security Group Tag (SGT) to endpoints on Cisco ISE 2.0. We will configure dynamic SGT assignment as part of a successful 802.1X authentication as well as static assignment for devices or resources that do not participate in 802.1X. At the end of this lab, all entities that either need access or be accessed within a TrustSec domain will have SGT assigned.

This is the first video of a TrustSec mini series on Cisco ISE 2.0. We will look at the first building block of creating a TrustSec domain which is Network Device Admission Control (NDAC). This will also be our first look at the new TrustSec WorkCenter. We will be configuring a seed device and a non-seed device in this lab, and test SGT propagation.