Cisco ISE: Top 5 Unique Features

Cisco ISE is Cisco’s Identity Services Engine, and it is at the heart of Cisco’s Digital Network Architecture strategy to provide visibility and security in the most demanding Enterprise networks.

Cisco ISE


Background: Cisco ISE 

Of course, other Radius/TACACS servers have some similar features and capabilities, but there are some distinctive features that Cisco ISE provides that put it in a different league.

Surprisingly, Cisco ISE remains simple to operate, whether you deploy it on one server, or 50 servers.

ZTA Zero Trust Architecture (Instagram)ISE is a fundamental part of the whole SDA Fabric eco system - without ISE you don't have the capability to authenticate - and authorize - based on the users identify.

Have a read of our associated blog on Zero Trust Architecture - ISE is a fundamental part of this eco-system.

As we move to the micro-segmented world of Zero Trust, this is going to be increasingly important.

 

ASSOCIATED BLOGS:


What makes Cisco ISE Unique

Here are the Top 5 Features with Cisco ISE that are unique and make the platform stand out from the rest

1. Best Profiling Available on the Market

Cisco ISE : Profiling

Over 1000 device profiles out of the box to quickly identify what devices are on your network, and the ability to create your own profiles.

Profiles are a handy way to deal with the proliferation of devices on the network that may otherwise require special treatment to be identified and granted access to the network.

This powerful profiling ability ensures better reporting of what device types are on the network, and also to build Cisco ISE policies that easily classify devices into their respective segments.

Best of all, Cisco ISE allows end users to define their own profiles with almost endless capabilities.

ASSOCIATED BLOGS:


2. EasyConnect

A somewhat overlooked feature in Cisco ISE, but very compelling. Many enterprises aspire to segment their network based on user categories, but may be put off deploying certificate based authentication using 802.1X due to the complexity involved in managing the client certificates.

Cisco ISE Support 1EasyConnect is an alternative to 802.1X by leveraging the Cisco ISE integration with Microsoft Active Directory.

Cisco ISE can dynamically place the user in the correct secure VLAN as soon as they login to AD.

The gold standard is still 802.1X but for some customers EasyConnect may be the first feasible step in the right direction to secure their network.

 ASSOCIATED BLOGS:


3. PortalBuilder

Cisco ISE web Portals are highly customisable and the job of creating appealing web portals does not have to be done by the Cisco ISE admin teams, whose expertise may lie elsewhere. PortalBuilder is a Cisco free web service that allows the creative teams to build the web pages offline, and make the web content available for the Cisco ISE teams to deploy within the product.

ASSOCIATED BLOGS:


4. TrustSec

Cisco ISE: TrustSecAdding secure access from any location (wired, wireless, VPN) without needing to change firewall policies is accomplished with Trustsec

TrustSec is built into Cisco ISE to allow Network Access Policies to be built, regardless of how the user accessed the network.

Cisco ISE can do this without involving changes to the firewalls, making this a flexible technology to help secure your network.

 

 

ASSOCIATED BLOG:


5. Ecosystem Integration

The conversation of Network Access Control mainly revolves around securing the network from users.

Cisco ISE also supports MAC Security (MACsec) to secure the physical links between networking devices are dynamically secured. In addition, Cisco ISE has built in support to detect and contain client devices that exhibit strange networking behavior (e.g. printers that now report to be a Windows client), without the need of an agent in some cases.

When combined with Cisco AnyConnect agent on end devices, then full posture and remediation integration is available to quarantine users whose security posture does not meet requirements.

ASSOCIATED BLOGS:


Cisco ISE: Top 5 Features: Conclusion

Cisco ISE is not simply a Radius or TACACS point-product from Cisco.

It offers some unique selling points that sometimes get missed out when reading the standard marketing blurbs in the trade press. Cisco ISE enjoys a large portion of the Enterprise market share, and it has a thriving community of online supporters worldwide.

If you're interested to know more about the Cisco ISE lifecycle, we also have a blog which covers this topic.

ASSOCIATED BLOGS:

Cisco ISE: Can we help?

We have experts in Cisco ISE ready to help with design, commission and fault finding. If you need any help with Cisco ISE, please contact us via our contact page, or email us at sales@iptel.com.au 

All images were taken from the Cisco ISE Blog

Free Quote

 

Need Help with your Network Install?

If you’re looking for a partner to help you through the future of networking – or to help you work through the maze of how to upgrade your network, we're here to help.

Contacting us is easy:

We are experts in network design and especially Wi-Fi design and remediation and Cisco ISE. If you're ready to take the plunge, we're ready to help you with DNA Center and SDA too. 

IPTel Solutions - Experts in Network Engineering Excellence

 

Click to Download "Top 8 Secrets to Great Wi-Fi"