ISE

The video looks at how you can use mDNS Profile and mDNS Policy on Cisco Wireless LAN Controller to restrict user access to mDNS services. The restriction will be performed per-WLAN as well as per-user by integrating the solution with Cisco ISE RADIUS server and use appropriate RADIUS attributes. 

The video walks you through L2 security options of a WLAN on Cisco Wireless LAN Controller. We will emphasize on WPA/WPA2 with 802.1X and PSK options. Fast Transition (802.11r) will be tested, examined with packet capture, and discussed on why you may or may not want to have this enabled. Other less commonly used options such as WEP with and without 802.1X will also be reviewed.

The video walks you through L2 security options of a WLAN on Cisco Wireless LAN Controller. We will emphasize on WPA/WPA2 with 802.1X and PSK options. Fast Transition (802.11r) will be tested, examined with packet capture, and discussed on why you may or may not want to have this enabled. Other less commonly used options such as WEP with and without 802.1X will also be reviewed.

The video walks you through configuration of L2 security with MAC filtering on Cisco Wireless LAN Controller. We will look at both using controller local MAC address database and external RADIUS authentication to authenticate wireless client based on their MAC addresses. We will also configure RADIUS server as part of our configuration.

The video shows how you can leverage Active Directory database for your ISE 1.3 administrative login. We will create two different sets of admin permission and assign them to users accordingly to their AD group membership. Users will have limited access to ISE menu options and data according to our policy configuration.

The video introduces you to the new pxGrid feature on Cisco ISE 1.3. We will begin with enabling pxGrid service and install required certificate. We will then configure Identity Mapping feature, connect ISE to a domain controller, and test authentication for user-to-IP mapping. We will finish up by enabling auto-registration and review publisher and subscriber roles. 

The video walks you through the process of sponsor and guest portal customization on Cisco ISE 1.3. We will review Cascading Style Sheet (CSS) created back in the the Portal Customization video and apply it to our Sponsor and Guest portals, and make other basic changes including portal logo, banner, and wordings. We will also extend the customization to sponsor and guest account notification emails and prints while demonstrating the use of variables in order to insert guest-specific information onto the page. 

The video walks you through the process of sponsor and guest portal customization on Cisco ISE 1.3. We will review Cascading Style Sheet (CSS) created back in the the Portal Customization video and apply it to our Sponsor and Guest portals, and make other basic changes including portal logo, banner, and wordings. We will also extend the customization to sponsor and guest account notification emails and prints while demonstrating the use of variables in order to insert guest-specific information onto the page. 

The video extends our knowledge on Cisco ISE 1.3 posture assessment to guest computers, specifically Windows, that do not have NAC Agent installed. Continuing on from our previous guest videos, we will enable device compliance check using temporal NAC web Agent. We will perform basic Antivirus software install check and look at both situations where the posture check passes and fails, in which case, we will also perform remediation.

The video demonstrates a feature called 802.1X and CWA chaining on Cisco ISE 1.3. Many organization has a requirement to enforce two-factor authentication and here we will combine knowledge from previous videos to achieve this. In addition to performing 802.1X machine and user authentication, we will force our internal users to provide login credential through guest web portal. User information will be cross-checked between two methods for consistency before allow network access.