Cisco network refresh

Currently working on a network refresh. Moving ahead with the following Cisco pack; Dual 4500x distribution switches in VSS and 3850 stack access switches while the wireless environment will be upgraded to dual 5520 WLC’s and 3802i AP’s. Dual Cisco ISE VM’s are also being deployed.

Cisco ISE

Cisco ISE is an identity based network access control and profiling device. There are a lot of fields to get your head around when you first install Cisco ISE. The main components of Cisco ISE is the network profiling, authentication and authorisation policies. Authentication is mainly done through 802.1x or MAB. 

Something I found useful is understanding that within the Authorisation Policy there are 3 main fields; Name of the policy, Conditions and Permissions. Conditions can be created and found under Policy Elements. Permissions go by the name of Results under Policy Elements.