Top Three Solution Models for Cisco Identity Services Engine (ISE)

Cisco Identity Services Engine When organizations are looking to deploy Cisco ISE for the first time, there are often design and integration issues surrounding the correct solution model. Too many times, the complexity of deploying ISE overshadows the core reasons or requirements that ISE ultimately will service.

Below are the top three solution models or services for deploying Cisco ISE.

Securing Access Across the Entire Network a.k.a. Corporate Access ControlConsolidating and simplifying network access policies across three connection types: wired, wireless, and VPN. This streamlining of access control is primarily targeted towards devices that are defined as corporate-owned or corporate assets that are managed by the organization; they require secure connectivity, and utilize the same on-boarding policy sets. Additionally, these assets are not limited to user controlled laptops and desktops but incorporate other headless devices such as printers, IP phones and security cameras.

Managing Guest or Non-Corporate Access Control Providing visitors or guest devices access to the Internet as well as internal resources. Non-corporate devices from users such as vendors, contractors and temporary guests require different levels of access. Guest device access control also includes employee devices and involve services such BYOD or Bring Your Own Device. Lastly, guest access control can provide services such as Hot Spot guest Internet access for organizations who want to provide added services for customers.

Device Administration – In early 2017 the Cisco Access Control Server (ACS) went end-of-life and organizations needed to migrate their Authentication, Authorization, and Accounting (AAA) services. With ISE 2.0 both RADIUS and TACACS+ services can be managed and controlled by ISE and provide a homogenous or single interface for both user and network device access control. Being able to provide a single pane-of-glass for managing all user and device authentication is a critical security requirement for most organizations.


Lee Berdick

Senior Solutions Consultant, Lee Berdick, has been passionate about the IT industry since he was 17 years old. Today’s technology concerns has molded Lee into quite the Security expert!