Cisco Identity Services Engine (ISE) is a network access control solution that automates security and provides visibility into user and device access. It offers various deployment models including centralized, distributed, and cloud-based, along with services for policy enforcement, guest access, wireless management, and endpoint security. Key benefits of ISE include enhanced security, improved user experience, and increased visibility into network activity.

1. Introduction to
Cisco Identity
Services Engine
(ISE)
Cisco Identity Services Engine (ISE) is a comprehensive network
access control solution that simplifies and automates network
security. ISE offers granular control and visibility into user and
device access across your network.
www.re-solution.co.uk

2. ISE Deployment Models
Centralized Deployment
A single ISE instance manages
network access control for the
entire organisation.
Distributed Deployment
Multiple ISE instances are
deployed across the network,
each managing a specific
segment.
Cloud-Based Deployment
ISE is deployed in the cloud,
offering scalability and flexibility.

3. Cisco ISE Services Policy Services
Access Control
ISE enforces network access policies based on user identity, device posture, and
network context.
2 Guest Access
ISE provides a secure and controlled guest access experience, allowing visitors to
connect to the network while adhering to security policies.
3 Wireless Access
ISE controls and manages wireless network access, enforcing authentication and
security policies for Wi-Fi users.
4 Endpoint Security
Cisco ISE Services assesses the security posture of devices connecting to the
network, ensuring compliance with security standards.
1

4. ISE Profiling and Posture
Assessment
Device Discovery
ISE scans the network and identifies connected devices, gathering
information such as operating system, MAC address, and hostname.
2 Endpoint Assessment
ISE evaluates the security posture of devices, checking for
compliance with predefined security standards and policies.
3 Profile Creation
ISE uses gathered information to create profiles for each device,
categorising them based on their security posture and attributes.
1

5. ISE Secure Access Control
Authentication
ISE authenticates users and devices using various methods
such as username/password, certificates, and multi-factor
authentication.
Authorization
ISE enforces access permissions based on user roles, device
profiles, and network policies.
Enforcement
ISE restricts or grants access based on authentication and
authorization results, ensuring secure network access.

6. ISE Monitoring and Troubleshooting
Real-Time Monitoring ISE provides real-time visibility into
network activity, allowing administrators
to monitor user and device behaviour
and identify potential threats.
Logging and Reporting ISE logs all events and generates detailed
reports, providing valuable insights for
troubleshooting and security analysis.
Troubleshooting Tools ISE offers a suite of tools for
troubleshooting network access issues,
helping to identify and resolve problems
quickly and efficiently.

7. Conclusion and Key Benefits
Enhanced Security
ISE provides strong authentication, posture assessment, and access control, significantly
enhancing network security.
Improved User Experience
ISE simplifies user access and eliminates the need for manual configuration, providing a
seamless user experience.
Increased Visibility
ISE provides comprehensive visibility into network access, user behaviour, and device posture,
enabling effective monitoring and security analysis.