Datnes Bilişim

802.1X Network Access Control and Cisco ISE — Identity Services Engine

802.1X is a standard that performs access control on LAN connections, determining which devices are admitted to the network and what they are authorized to do. It can be applied in both wired and wireless environments. We covered 802.1X, the IEEE standard also known as dot1x, in our previous articles.

In this article, we focus on ISE (Identity Services Engine), Cisco's offering in this area. Cisco ISE takes the role of the authentication server and is used to authenticate and authorize devices or users.

802.1x ISE diagram

Because Cisco ISE can connect directly to directories such as Active Directory and LDAP, it integrates easily into environments that already use these common directories for user management.

802.1x architecture

Beyond authenticating wired and wireless devices within the LAN, Cisco ISE can perform device administration (TACACS+) and VPN user authentication and authorization (pxGrid). In the event of any anomaly, it immediately shuts down the port with CoA support and quarantines the relevant device or user, cutting threats off from the network at the very first moment.

For detailed information, you can contact us to ask your questions and see the structure in demo and PoC environments.

info@datnes.com
