Plan and deploy identity-based secure access for BYOD and borderless networks Using Cisco Secure Unified Access Architecture and Cisco Identity Services Engine, you can secure and regain control of borderless networks in a Bring Your Own Device (BYOD) world. This book covers the complete lifecycle of protecting a modern borderless network using these advanced solutions, from planning an architecture through deployment, management, and troubleshooting. Cisco ISE for BYOD and Secure Unified Access begins by reviewing the business case for an identity solution. Next, you'll walk through identifying users, devices, and security posture; gain a deep understanding of Cisco's Secure Unified Access solution; and master powerful techniques for securing borderless networks, from device isolation to protocol-independent network segmentation. You'll find in-depth coverage of all relevant technologies and techniques, including 802.1X, profiling, device onboarding, guest lifecycle management, network admission control, RADIUS, and Security Group Access. Drawing on their cutting-edge experience supporting Cisco enterprise customers, the authors present detailed sample configurations to help you plan your own integrated identity solution. Whether you're a technical professional or an IT manager, this guide will help you provide reliable secure access for BYOD, CYOD (Choose Your Own Device), or any IT model you choose.
Review the new security challenges associated with borderless networks, ubiquitous mobility, and consumerized IT
Understand the building blocks of an Identity Services Engine (ISE) solution
Design an ISE-Enabled network, plan/distribute ISE functions, and prepare for rollout
Build context-aware security policies
Configure device profiling, endpoint posture assessments, and guest services
Implement secure guest lifecycle management, from WebAuth to sponsored guest access
Configure ISE, network access devices, and supplicants, step-by-step
Walk through a phased deployment that ensures zero downtime
Apply best practices to avoid the pitfalls of BYOD secure access
Simplify administration with self-service onboarding and registration
Deploy Security Group Access, Cisco's tagging enforcement solution
Add Layer 2 encryption to secure traffic flows
Use Network Edge Access Topology to extend secure access beyond the wiring closet
Monitor, maintain, and troubleshoot ISE and your entire Secure Unified Access system