If you're looking for information about Cisco ISE, you've come to the right place. This article will answer some of the most common questions people have about Cisco ISE.
We'll cover everything from what Cisco ISE is and what it does to other most asked questions.
By the end of this article, you should have a good understanding of what Cisco ISE is and how it can benefit your organization.
So let's get started!
1. What is Cisco ISE?
Cisco ISE is an Identity Services Engine that provides authentication, authorization, and accounting (AAA) services for devices on a network. It can be used to manage wired, wireless, and remote access connections.
Cisco ISE is a policy enforcement point (PEP) that sits in the data path between clients and servers. It can authenticate users and devices before allowing them access to network resources. It can also authorize devices for specific types of traffic and track user activity for billing or security purposes. In general terms, it is considered one of the most popular NAC solutions in the world.
2. What Is a NAC Solution?
A NAC solution is a Network Access Control solution. It is a security system that allows an administrator to control and manage who or what has access to the network and how they access it.
A NAC solution can do things like:
- Check the security of a device before it is allowed onto the network
- Prevent infected devices from spreading malware or other infections to other devices on the network
- Limit the type or amount of data that can be transmitted by devices on the network
- Block devices from accessing certain websites or applications
3. What is profiling in Cisco ISE?
Profiling is the ability to identify users and devices as they interact with the network. It allows you to see what applications are being used, what sites are being visited, and how much bandwidth is being consumed.
This information can be used to improve security by identifying risky behavior or to optimize network resources by identifying which applications or websites are consuming the most bandwidth.
Cisco ISE uses a variety of profiling techniques including;
active monitoring (which observes traffic as it flows through the network),
passive monitoring (which captures traffic that has already passed through the network),
fingerprinting (which identifies devices by their unique characteristics).
4. Can you run Cisco ISE in Azure?
ISE is a critical part of the Cisco security architecture and can be deployed in various ways. One option is to deploy it on Azure virtual machines.
For more information, see the Cisco white paper, Deploying Cisco Identity Services Engine on Microsoft Azure.
5. Is Cisco ISE cloud based?
Yes, Cisco ISE is cloud-enabled. This allows you to take advantage of the scalability and elasticity of the cloud while still maintaining complete control over your network security.
You can deploy Cisco ISE in the cloud, on-premises, or as a hybrid solution.
You can find more information on the newest Cisco ISE update, which is Cisco ISE 3.0, here.
Summary
Cisco ISE is a powerful and versatile tool that can be used in many different types of networks. While it may seem daunting at first, the benefits of using Cisco ISE are vast.
We hope this article has answered some of the Cisco ISE FAQs and that you feel confident enough to begin implementing it into your network.
If you decide to use Cisco ISE or have any further questions, please take a look our Cisco ISE course for help.
