In our previous entries to this series, we’ve deployed ISE, integrated it with Microsoft AD, and configured the ISE server-side certificates. All of that being completed, we are now ready to configure our Policy Set for 802.1X and test it out.
This entry in our Cisco ISE blog series expands on the previous entry, Authenticate all the things! Some of the vernacular we established in that entry will be repeated here, but not explained. So, if you haven’t had a chance to read that one yet, go ahead, we’ll wait right here for you! In this entry, we take a closer look at the EAP authentication types we see most commonly deployed as a part of a Wired and Wireless network 802.1X deployment.
Network security is often delegated to singular devices within the network. For instance, you might allow unfettered access for all endpoints within the core of your corporate network and enforce the access policy at the edge firewall. For your wireless users, you might choose to enforce a singular policy for all users allowing every wireless user access to HTTP, HTTPS, SSH, and Telnet and implementing this policy at the access point (autonomous mode) or at the Wireless LAN Controller (lightweight mode). This “one-size-fits-all” approach is not the ideal way to implement network security.
Subscribe to the informative Newsletter to be Notified Updates in the Technology world.