Cisco Identity Services Engine (ISE) version 1.3 has improved it's GUI margin and much easier to navigate than the previous versions.
This technology pride itself with Trust Sec and 802.1x feature. Trust Sec can be an advantage when an environment is nothing but a Cisco workshop.
This technology is based upon utilizing other Cisco products such as IDS, IPS, ASA and Catalyst switches. It provides the RADIUS feature for Active Directory so that 802.1x (EAP over LAN) is properly utilized for User Authentication.
It also does MAC Address Bypass (MAB) for MAC Address verification and authentication.
Cisco will integrate the TACACS+ feature into ISE version 2.0 and enterprises no longer need Cisco ACS for this reason.
Improvements to My Organization:
Many organizations and large enterprises are faced with the daunting task of keeping their security issues at bay. They also need to be in compliant with the Cyber Security's strict guidelines and orders.
While there are many cyber attacks from the outside of the edge routers, cyber attacks can also be implemented within the organization whether it is either intentional or unintentional. Cisco ISE can mitigate many attacks such as MAC spoofing, VLAN hopping, DHCP Starvation and ARP Snooping.
By implementing ISE, it can lighten the overhead of the Cisco Catalyst Switches by not implementing port security, Dynamic Arp Inspection, DHCP Snooping. This will also improve the switch's performance since the ISE server takes over the duty of posturing with its Policy Service Node persona.
Room for Improvement:
Cisco ISE has improved performances on Access Switches and closely monitored the daily suspicious or rogue activities within the organization.
We've had no issues with deployment.
We've had no issues with stability.
We've been able to scale it for our needs.
Which version of this solution are you currently using?