Cisco Identity Services Engine (ISE) - User Authentication in the Network

Today I am going to discuss one of Cisco's most important platforms, one that enables enterprises to enforce compliance, enhance infrastructure security, and streamline their service operations. Cisco ISE is how we apply identity and access control policy to the devices within the network.

What is Cisco Identity Services Engine?
There are a lot of questions about Cisco ISE, and some of you don't really know what it is. Cisco ISE is an integral and important part of the Cisco DNA infrastructure for next-generation networks.

ISE simplifies the delivery of consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections. With far-reaching, intelligent sensor and profiling capabilities, ISE can reach deep into the network to deliver superior visibility into who and what is accessing resources.

Fig 1.1- Identity Services Engine with TrustSec

ISE gives you an easy out-of-the-box setup. Use self-service device onboarding and management, internal device certificate management, and integrated enterprise mobility management (EMM) and mobile device management (MDM). Cisco ISE Express uses the standard RADIUS protocol for authentication, authorisation and accounting (AAA).

It supports a wide range of authentication protocols, including, but not limited to, PAP, MS-CHAP, Extensible Authentication Protocol (EAP)-MD5, Protected EAP (PEAP), EAP-Flexible Authentication via Secure Tunneling (FAST), EAP Transport Layer Security (TLS) and EAP-Tunneled Transport Layer Security (TTLS). Cisco ISE is the only RADIUS server to support EAP chaining of machine and user credentials.
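To see which of these methods a client is actually using, you can inspect the attributes of its RADIUS Access-Request. The following is an added example, not code from Cisco or from this article: a small classifier based on RFC 2865 (RADIUS), RFC 2548 (Microsoft attributes) and the IANA EAP method numbers. The function names and the sample packets are assumptions constructed for the illustration.

```python
import struct

# EAP method numbers (IANA registry) for the EAP methods named above
EAP_METHODS = {1: "EAP-Identity", 4: "EAP-MD5", 13: "EAP-TLS",
               21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}
MSCHAP_RESPONSES = {1: "MS-CHAP", 25: "MS-CHAPv2"}   # Microsoft vendor types

def iter_attributes(packet):
    """Yield (type, value) for each attribute of a RADIUS packet (RFC 2865)."""
    length = int.from_bytes(packet[2:4], "big")
    if len(packet) < 20 or not 20 <= length <= len(packet):
        raise ValueError("bad header or length field")
    pos = 20                                 # attributes follow the 20-byte header
    while pos < length:
        alen = packet[pos + 1] if pos + 1 < length else 0
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute")
        yield packet[pos], packet[pos + 2:pos + alen]
        pos += alen

def classify_auth_method(packet):
    """Name the authentication method carried by an Access-Request."""
    if packet[:1] != b"\x01":
        raise ValueError("not an Access-Request")
    eap = b""
    for atype, value in iter_attributes(packet):
        if atype == 2:                       # User-Password
            return "PAP"
        if atype == 26 and len(value) >= 6:  # Vendor-Specific
            vendor, vtype = struct.unpack("!IB", value[:5])
            if vendor == 311 and vtype in MSCHAP_RESPONSES:  # 311 = Microsoft
                return MSCHAP_RESPONSES[vtype]
        if atype == 79:                      # EAP-Message, may span attributes
            eap += value
    if len(eap) >= 5 and eap[0] == 2:        # EAP Response: byte 4 is the type
        return EAP_METHODS.get(eap[4], "EAP-other")
    return "unknown"

def build_request(attrs):
    """Constructed sample: Access-Request with a zeroed authenticator."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", 1, 1, 20 + len(body)) + bytes(16) + body

# Constructed sample packets, not captures from a real ISE deployment
SAMPLES = {
    "pap": build_request([(1, b"alice"), (2, bytes(16))]),
    "peap": build_request([(1, b"alice"), (79, bytes([2, 7, 0, 6, 25, 0]))]),
    "mschapv2": build_request([(26, struct.pack("!IBB", 311, 25, 52) + bytes(50))]),
}
```

The first Access-Request of an EAP conversation only carries the identity response, so the method (PEAP, EAP-TLS and so on) shows up in the later requests of the same exchange.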

Fig 1.2- Cisco ISE authentication Process

So with the help of ISE, you can have all the information about the users in the network. You can have wired and wireless devices in your network, and you can identify them with the help of the Cisco ISE solution. The idea is to automate the network as well: APIC-EM is the solution for automating policy in the network, and ISE is the solution for authenticating the users.

So if you guys are going to deploy the DNA infrastructure in the network, these are its pillars. DNA consists of SDA/ACI/NFV at the network layer; automation with APIC-EM; analytics with Cisco Tetration; control and policy authentication via the ISE engine; and network visibility via the Cisco Stealthwatch solution.

I hope this initial article helped you understand Cisco ISE. I will come back with Cisco ISE in detail for you guys.