• 802.1X.
  • An IEEE standard that is used to implement port-based access control.
  • The access device allows traffic on the port only after the connected device has been authenticated and authorized.
• 802.1X main roles:
  • Authentication server.
    • An entity that provides an authentication service to an authenticator.
    • Referred to as the policy decision point (PDP).
    • Cisco ISE is an example of an authentication server.
  • Supplicant.
    • An entity that seeks to be authenticated by an authenticator.
    • For example, a client laptop connected to a switch port.
  • Authenticator.
    • An entity that facilitates authentication of other entities attached to the same LAN.
    • Referred to as the policy enforcement point (PEP).
    • Cisco switches, wireless routers, and access points are examples of authenticators.
SCOR Page 1
• Downloadable ACL.
  • An ACL that can be applied dynamically to a port.
• Great support for bring-your-own-device (BYOD).
• Leverages Cisco TrustSec technology.
• Supports TACACS+ and RADIUS AAA services, as well as integration with Duo.
• ISE can enforce policies (also known as authorization) after performing authentication.
• Posture assessment.
  • A set of rules in a security policy that define a series of checks before an endpoint is granted access to the network.
  • Checks include the installation of operating system patches, host-based firewalls, antivirus and anti-malware software, disk encryption, and more.
• Change of Authorization (CoA).
  • Allows a RADIUS server to adjust an active client session.
• The default behavior of an 802.1X-enabled port is to authorize only a single MAC address per port.
• Multi-Auth mode allows virtually unlimited MAC addresses per switch port, and requires an authenticated session for every MAC address.
• When you first register a Cisco ISE node as a secondary node, full replication starts automatically.
• Then incremental replication is performed on a periodic basis.