Today, we are performing wireless client authentication and using it as a captive portal for our guest wireless network. Eventually, I am hoping to roll into 802.1X for the wire.

In our organization, we have about 2,000 employees and 12,000 other end users whom we service.

Our main use case right now is TACACS for device administration and authentication, as well as for user authentication on the network: wireless authentication, 802.1X, and wired authentication too, for RADIUS.

I am head of the IT infrastructure for a company. My company is a manufacturing company, based out of India. My company has between 3,000 to 5,000 users. 

Our solution is completely on-prem.

The domain under which my company works puts a lot of importance on cybersecurity. Our management gave us clear instructions that there should be an environment where there are zero trust policies applied.

We explored various solutions that could bring in zero trust. The first level of zero trust that we wanted to bring in is a zero trust network.

We reached out to Cisco at that time, and they told us about the things that can be done around the software-defined access and the integration of Cisco ISE. And that was the time when we started doing a lot of POCs to see which use cases we could use for it. That was when we got in touch with Cisco and they told us that this would offer us network-level zero trust. 

When I say zero trust architecture, the first thing is that we wanted to have a network authentication done on a certificate basis. That was the first use case, where the only versions in the network that have a domain-based certificate could be allowed to join my network. My enterprise network should not allow anybody from outside. That was the first use case. 

The second use case was that we had to do the posturing of my endpoints. I wanted to ensure that those which are connected to my network have proper antivirus and software installed, and the operating system is permissible. That is where we started to do the posturing part of it. 

The third use case is around the access part of it. We have multiple departments in our company, and we wanted to restrict the access of particular user groups to particular IT applications. 

We use the product for TACACS, dot1x, authentication for some of our RADIUS devices, and authentication and authorization for our VPN clients.

I am a Cyber System Engineer, specifically working on the network team.

We use Cisco ISE mainly for authentication, accounting, authorization, and monitoring different devices that we have on many different sites within our company. 

We mainly use Cisco ISE for device authentication. We are now rolling out 802.1X.

For Cisco ISE specifically, I manage the cybersecurity as well as the networking team. The networking team uses it to track statistics of users coming in and out of the network platform. We use it to track equipment, collect information on identity, and have the help desk leverage the telemetry to troubleshoot. It is part of our day-to-day operations.

This provided security for our sizeable law firm, which has offices across the entire country. Our lawyers like to be mobile. Around six or seven months ago, we started to roll out iPads and really adopted a mobile culture. One of the things that we wanted to do was to provide flexibility for lawyers to walk with a corporate laptop, or walk with their own personal laptop and still have the capabilities to log on and do what they want to do.

We also used it for the many meeting rooms we have. A lot of law firms have tons of meeting rooms, and we needed to secure some of those meeting rooms as well. The technology allowed us to roll 802.1X. We were able to secure ports in the meeting rooms and have a little bit more flexibility as to where users log in.

For example, a couple of years back, we wanted to secure all of the endpoints for the help desk and networking team and all of the backend team and ensure that, irrespective of where one goes with that laptop, when they log in, it'll automatically move them to a secure VLAN. With ISE, we were able to do that and monitor it.

We were looking for secure network access.

I utilize Cisco ISE to access the switches on our network for monitoring configurations.

We use ISE for TACACS and 802.1X authentication, wired and wireless. We also use ISE for our VPN authentication, as well as for different policies. We were trying to solve some security holes with Mac solutions, and ISE was a good fit.

I use the product for AAA authentication.

This solution ties into our Cisco Duo and Cisco AnyConnect connections to help us authenticate against the active directory and Cisco Duo multifactor authentication. It takes metrics about the connections that are connecting it and allows us to set up a rule against them. For instance, if a Windows device is not all the way up to date, we can put a message up that says, "Before you're able to connect, please do your Windows updates as they haven't been done in six months."

As this solution allows AnyConnect to authenticate with the active directory in the backend, the users won't directly use it. Still, it will be in use throughout the login process into Cisco AnyConnect as a source of authentication.

With this solution, we don't require anyone for maintenance.

Identity Services Engine for us has an incredible number of use cases, predominantly around identity and contact sharing within the enterprise or Endpoint onboarding for, authentication and authorization. Most recently, in the last few years, we've actually finally added device authentication and device management into that with the TACACS implementation. And now we have a comprehensive set of features to perform enterprise NAC, pure RADIUS authentication, and user authorization.

I am a Senior Technical Consultant. I have worked in professional services as a Cisco Gold partner for the last ten years. 

I have been offering Cisco ISE for the last three to four years. We do small deployments, upgrades, and those types of things.

We see a lot of customers wanting to use Cisco ISE primarily for 802.1X wired and wireless and also for posture device administration, and guest access.

A lot of our customers who come to us do not have any sort of NAC solution in place at all. They don't have a RADIUS, they might have a Soft MPS or something along those lines, but Cisco ISE is far superior. It gives them far more visibility and the policies are more configurable. The ability to do dynamic access lists, dynamic VLAN environments, and that type of thing, and it just gives them a different level of security altogether.

I'm a network engineer. I've been at my company for about six years. 

We have about ten people on the networking team. We support up to 30,000 students. We've been using ISE for five or six years now.

Our primary use case is mainly to onboard students with the wireless authentication with our switches and network devices. 

Cisco ISE is our network access control solution. We use it to prevent unwanted devices from connecting to our physical network. We also use it for wireless access control on the corporate network, but not on our guest internet network. That difference is because we have Cisco Meraki on the guest wireless.

The solution is in twin private data centers and we did virtual servers, not physical appliances. They're on our VMware platform.

Our business is the lending half of banking only. There are no ATMs or customers coming in with deposits or credit cards. It's a commercial lending operation. We don't have a lot of foot traffic into our locations from our customers. Some might say we're a little overly worried about our physical network, because we're pretty physically secure already. However, we occasionally do customer appreciation events in our locations, at which point there could be 100 people waltzing in and out of any one of our buildings. That's when the regulators say, "That's why you need security." Ultimately, if you let your guard down in the world of security, you're going to get attacked. So, like it or not, we have to button it up.

We use ISE for authentication, authorization, and access control. We use it to integrate and manage a lot of the access controls between our switches, routers, and pretty much all of our network infrastructure. We use ISE on-prem instead to manage all of our infrastructure.

We're just using it for authentication to our network switches.

I often use Cisco ISE for guest portals to onboard devices. For example, if a company wants to allow their employees to bring their own devices, there's a large security risk. Cisco ISE can help with onboarding those devices and check whether they're up-to-date with security patches and whether they fit the criteria to join the network.

There's so much stress involved with the pressures of trying to make it easy for customers to use the product without constantly having to jump over security hurdles. On the other hand, there is the constant threat of cyber attacks. Balancing the two can be quite stressful for developers, engineers, and consultants.

Our main goal, as an intermediary between Cisco and our clients, is to help IT managers, IT engineers, and administrators have better days. There is a lot of pressure on IT staff, and by giving them the right tools and solutions, we can help them feel more empowered to do their job much more effectively and, therefore, feel proud of their work.

We utilize Cisco ISE for authentication by employing the AnyConnect Posture model to address vulnerabilities on the workstations. Additionally, we make use of TACACS.

We use it for access control in our organization for network control and the guest portal of the guest users who access the wireless network.

The company's use case for Cisco ISE is switch access. I'm from the high-performance compute side. I'm not the back office IT. I'm what they call GSIT. Their use cases are different but very similar.

When it comes to ISE, the main challenge that we were trying to address is with our retail environments. We don't have control over the physical access to all the ports and we didn't really have any network access control.

ISE has, and will continue to allow us to secure our edge environment at the retail stores. It's also going to provide more security as we are rolling out more wireless access.

We're expanding our footprint to just outside of the retail environment. For example, we're implementing wireless service in our lumber yards. As we progress, we really need to be focused on securing that, and ISE is going to allow us to do that.

We use ISE primarily for RADIUS authentications on our wireless networks and VLAN segmentation for those users.

We are working with packets and A011X. In some cases, we also do profiling.

We are using this solution because we wanted to improve security and reduce security gaps. This is mainly for our customers.

We primarily use Cisco ISE as a network access control solution. We do a lot of quarantine actions from our CSOC. We use the AnyConnect VPN by setting multiple deployments for dedicated purposes, where we use it to provide wireless.

We are on-prem at twelve separate sites with one main node.

We utilize Cisco ISE for authenticating both our employees and residents at our senior care center. We authenticate them either against LDAP or our network.

Cisco Identity Service Engine (ISE) is used mostly for endpoints. If you want to know the profiling and what endpoints are connecting to your company, then ISE is a good solution because it has built-in signatures. Therefore, it knows what kinds of devices are getting added into the network.

You can install it with any cloud provider, e.g., AWS or Azure.

You can install ISE locally. If your site is critical, like in manufacturing, you need to make sure that ISE is a part of the local site. Usually, people install data centers, but you can also install at critical sites.

We use it for wired .1x, wireless authentication, VPN, and multi-factor authentication. We wanted to have a consistent experience for authentication and authorization of endpoints across the network, as well as security.

This solution provides access to the employees of the company.

We currently use it for RADIUS and TACACS authentication, but we're moving to SD Campus Fabric. We're tying that in with DNA Center, making it flow with the wireless and authentications at the port, using .1X. That's where we're headed.

We have a 10-node deployment: two PSNs, four dedicated to TACACS and RADIUS, two dedicated to guest WiFi, and two dedicated to pxGrid.

We use Cisco ISE for 802.1 network authentication.

We use Cisco ISE for device administration with TACACS.

Cisco ISE is on the back end, and all our policies and security are on it. DNS centers and all our network backbone is integrated into Cisco ISE. So, the solution is pretty critical for us.

We utilize Cisco ISE for wireless user authentication, as well as authentication, authorization, and accounting for our network devices.

One of our use cases is using it for authentication for the wireless. Our internal corporate network is using the Cisco ISE server to authenticate clients and make sure that we have the right clients on the wireless side, as well as on the wired side. We just introduced that about a year ago to make sure all our wired clients are our clients and not some "rando" plugging into the network.

We use it for MAC Authentication Bypass, 802.1X authentication, and certification and validation against Active Directory. Because MAC devices can't be enrolled in the domain, we were doing a manual installation of certificates.

We use Cisco ISE to set different policies for various profiles. For example, someone on their own device has a different set of policies and postures than a person on a company machine. 

Currently, we are using Cisco's dictionary for both device and user authentication. When I say "device authentication," I mean we authenticate users who access network devices. 

We consider the running policy when users want to access a data center server. The user is forwarded to the ISE servers to be authenticated, and they're given a password defined on the ISE for them according to the policy.

We have two virtual servers with different rules. For example, one is used to authenticate and audit, and the other to authorize and authenticate. And since most of our centers don't support full ISE integration, we use only some features. That means not all our users are not authenticated via the ISE.

I do the designing and implementation and hand it over to the customer. Sometimes, I provide support to the customer. The solution is used for network access control. I have implemented almost all the features of the product.

We use Cisco ISE Identity Services Engine currently for TACACS and posturing.

We utilize Cisco ISE for network access control and employ RADIUS access for managing user control in our virtual environment.

We use it to secure our networks. We can secure our switches and wireless networks, basically everything.

We use it primarily for wireless security, but it can be used for many other things as well, like LAN and WAN security.

We use it for network access control. For security reasons, if a vendor plugs into our network, the port is automatically shut down because it's not authenticated to our network.

Right now we use Wireless.1X and TACACS for device management. It's in our wired network too, but only use it for MAC address bypass.

We use it for NAC and wireless, and for our TrustSec policy. These are the three primary use cases we have so far.

We use it mostly for identity, authentication, and authorizations for wireless and wired. The challenges we were looking to address were mostly around the authorization and authentication of the users. We wanted to use the Identity Services Engine to make sure that the users accessing our network were authorized users, with the authentication happening before.

We use the solution for RADIUS authentication, device authentication, and TACACS. We also use it for Wi-Fi and guest portals.

We are using it mainly for .1X authentication, and we also authenticate our VPN users, and we are doing some light profiling and posture.

We're trying to solve the problem where different users have different privileges in the network. And also we're trying to block some access from our least privileged users. Those are the main use cases for us.

We have on-prem virtual appliances and a distributed model.

Right now, we are doing all wireless through ISE. We have also started migrating to wired.

We have about 20 sites. By having enough node regionalization, we have been able to have all our sites utilizing it.

It is deployed to multiple locations. We have one in Mexico, one in Kelso, two in Asia, and then two in the US.

We use Cisco ISE to authenticate users or devices onto the network and then drop them into the appropriate VLANs to isolate them and maintain network segmentation.

We use Cisco ISE for the authentication of wireless clients.

There's a variety of customer uses for Cisco ISE, which includes securing the edge of the network.

I use Cisco ISE for VPN and authentication.

We use it as our complete NAC solution for both on the wire and wireless as well as guest wireless access and SGTs.

We have five hospitals. We have two service policy nodes at every hospital. We have a deployment at every hospital site.

We have two servers and they're both VMs. Every network system is issued a certificate and each device coming onto the network has to be on the domain with an active AD user logging into it. It needs an up-to-date AMP, which is our Cisco malware and virus scan product and it also needs to have the most current Microsoft security updates and the three layers that we're using: The core VPN, the Network Access Manager and the ISE profiler. When it goes through all those different things on every port on the switch, there are commands for it to be able to go through an ACL so it knows what users are there, what server, and what devices have been put onto the domain. It can verify all that.

The user can then proceed on to the network. We've set it so that regular users are VLAN'd off and can only see the data network through ISE and are blocked from seeing the rest of the network. Depending on the department needs or other factors, we have cameras for security which are on a different VLAN, and they can see those. We also have something for O&M where the AC guy can see the AC equipment, and we can prevent all the VLAN's from being viewed by everybody.

We are customers of Cisco and I'm the infrastructure and Cyber security manager.

We primarily use the solution for network access control solution and network device access management. The solution comes with features like posturing.

At first, Cisco ISE was a replacement for only ACS RADIUS. It was mostly for remote access VPNs and Wi-Fi. That was it, and later, it evolved into a complete ACS replacement, so it's for both TACACS and RADIUS. Nowadays, we also deploy .1X quite a lot. 

We use it for our AAA authentication through Active Directory. We also use it a lot to verify command line history.

We have ISE in the data center environment with redundancy, and we use it for authentication for all our devices. We have access to our third-party vendors, and for the new projects, we all use ISE. It's an awesome enterprise product for on-premises or for cloud-based deployments.

We have been authenticating our company's employees and certifying that they are in compliance. We have to certify our employees in regards to compliance, having all the necessary protections in our infrastructure for their endpoints, notebooks, laptops, and mobile phones.

We have implemented it across the entire company in every area and department at every single level of our organization.

So far, it has been on-premises. We are still working to expand it to integrate with multiple cloud providers, like AWS.

We use it for the identification of our devices, users, and wireless users.

We use it for identity services, profiling, and locking down devices.

We're an airport, so when anybody plugs in a device, it's obviously a really big security point for us.

We use it for Cisco device TACACS authentication and .1X security. 

The primary use cases include customer environments, BYOD, posture assessment, and dot1x for wireless and wired networks.

We use it for network device administration and for user access.

I am not certain if I am using the latest version. It is the one which is made for TV. 

We use the solution to access control. Prior to any device being authenticated on the network, a person must login to the solution's site for authentication purposes. 

My clients are small to enterprise-size companies using this networking solution. One of my clients is a leading pharmaceutical manufacturing company, providing genetic medicine. The network they have has approximately 5,000 device inventory. Additionally, I have a couple of clients in the banking industry in the USA that has quite a large networking infrastructure using this solution.

Our use cases are based around dot1x. Basically wired and wireless authentication, authorization, and accounting. 

In terms of administration, only our networking team uses this solution. Probably five to ten administrators manage the whole product. Their role pretty much is to make sure that we configure the use cases that we use ISE for — pretty much for authenticating users to the wired and wireless networks. We might have certain other advanced use cases depending on certain other business requirements, but their job is pretty much to make sure all the use cases work. If there are issues, if users are complaining, they log into ISE to troubleshoot those issues and have a look at the logs. They basically expand ISE to the rest of the network. There is ongoing activity there as well. The usage is administrative in nature, making sure the configurations are okay, deploying new use cases, and troubleshooting issues.

We're using version 3.1, which is very stable. There have been a lot of improvements.

We use ISE for security group tagging in terms of guests and visitors who access the network to make sure that they actually go through this to control their privilege access to ensure they don't actually access the internal network, etc. 

Our clients use ISE as a form of security policy management so that users and devices between the wired, wireless, and VPN connections to the corporate network, can be managed accordingly.

Take a house for example. Sometimes you need to access a room via a certain keyhole, so you use a key that is unique to that door. With ISE, you can segment this process in terms of policy management based on the security tag. You actually grant the user access based on the tagging.

That's the IT trend — saving a lot on operating costs to manage the different users and access methods.

Within our company, we have roughly 200 employees using this solution.

We primarily use the solution for user authentication and wireless segmentation of users for actual radius purposes.

Mainly the use case of the solution is for ensuring that the corporate staff gets access to their authorized systems. 

Another use case is for contractors to get access to the authorized systems. Those are the ones that hope to assist in the maintenance or for authorized admissions to the network.

We do also use it for remote access, for example, VPN's and also for wired and wireless access to the network.

We use it to ensure that any device that connects to our network or wireless environment is a company-owned asset and has all the security certificates. We aren't doing too much remediation. We just identify whether it's one of our assets and whether it's allowed.

The ISE product is used to make sure that folks can get access to the application servers that they need to get access to, let's say for accounting and another group like sales and marketing, they would have no business accessing each other's servers, those apps. So you would set up a policy that allows accounting to do what they have to do whether they're remote or on campus and then the sales and marketing folks could never access that. They are totally blocked. It's a virtual firewall, basically.

We are resellers. We provide and deploy solutions for our customers.

Cisco ISE (Identity Services Engine) helps the operation to automate.

We use this solution to protect the network especially when someone brings their own device and to lock out access to anybody connecting to the network. Also to make sure that the people connect to the correct VLAN. So, mainly for security wifi access so that when people want to connect to our wifi they have to log in using their credentials.

My main uses are device administration, wireless access authentication, and ethernet access.

We use this solution for network security.

We mainly use it for endpoint security.

We use it for the TACACS authentication, for administrator login to network devices, and the RADIUS service for VPN and wireless authentication.

Initially, we were looking for a single sign-on for administrators to log in to every network device, but we also wanted a good way to control remote user access for logging in. Later we started using it for VPN and wireless.

The solution is used for controlled access in the network, like if you want to restrict access.

The solution is deployed on-prem. I am an integrator of this solution.

It's mostly for authentication to our network for our end-users.

I'm using Cisco ISE for integration. We are currently using it for 82.X, but we are planning on using it for a different use case in the next couple of quarters.

Our use case is managing access to network devices for IT as well as end-users. Making that seamless is the challenge we were looking to handle.

I use it for licensing and profiling. It's like a "traffic cop." It's an endpoint user migration tool. It's also a TACACS server. It depends on what I'm using it for at the moment.

For the applications it's authentication and then authorization into the network. It's the networks you're on and what AD gives you. Your profile is based in AD or an LDAP server. ISE talks to those two servers and says, "What groups do you belong to, and should you have access to those roles?" With ISE, if AD says you can have it, then go for it.

I use it in big campus environments, anywhere that needs authentication and authorization to work with AD. It's a great tool for that, if you want to profile your network and you want to secure your network inside. We're not talking about firewalls but about what the tool can do for you, what it's designed for.

We use it for Community WiFi and TACACS authentication. It is service provider authentication, both for the core infrastructure and Community WiFi.

We were looking to solve captive portal and centralized authentication with Cisco ISE.

We use it for SDA infrastructure. We have a challenge in recognizing different kinds of devices and that's what we are using ISE for in the SDA fabric.

We are a partner with Cisco and am a part of an information security team that uses Cisco to provide security policy management via network, device and wireless access. 

The company implemented the solution to keep track of wired and wireless devices.

We use this solution to provide wireless for our residence halls and guest networks. We're also a college that works primarily off of iPads, so we have to be able to keep resident hall activity off of the network so that students can do their homework and class activities. We use the Services Engine to authorize all of them.

I primarily use ISE for segregating identities, IP addresses, and ports.

One of the use cases was the certificate-based authentication for the endpoints. All the laptops and mobiles are embedded with certificates and once they get authenticated, then only they would be able to connect to the LAN. 

The other use case was the NAC use case wherein the integrity of the laptops and mobile and such were checked before the scan. They fulfill the policy requirements and then they are able to connect to the network.

The third use case was the consolidated access control management for all the network devices and security devices. 

We use the solution to secure the endpoint. Before the user connects to the network, it can be investigated whether to connect.

I'm an engineering student, studying smart information and communication technology.

Our clients use Cisco ISE for security, especially in the finance industry.

We primarily use the solution in our infrastructure.

We use this solution for both wired and wireless network access control. We have deployed it in a bank, government offices, and some universities.

We are a reseller of Cisco ISE. 

We use Cisco ISE for device authentication, such as auto switches, and wireless authentication.

I am a reseller. I provide solutions to our customers.

We used Cisco ISE for Wi-Fi implementation for one project at the International Airport.

Our customers use Cisco ISE (Identity Services Engine) as a network access control solution. Before they can get network access, you can do posture check, e.g. in the Windows version, or another version, then it is only after this posture check that the clients can enter the network.

The solution is primarily used for Network management and Network Access Controls.

We primarily use the solution for network admission control.

We use it to aid the tools that we make and to sponsor and get flow.

My primary use case of this solution is for access control for authentication and for the authorization of wireless users.

We use Cisco ISE for authentication for VPN and network management.

The primary use case is to have network access control and automation to integrate with the enterprise network. It also helps provide a method to make segmentations between users and enable access control.

We are a system integrator and Cisco ISE is one of the products that we sell and implement at our customers side. I have built ISE's POC and provided training to our customers.

I also used real rent lab which was including; Active Directory integration, network access and core switches, access points, wireless access controller, and end points. (some end points have cisco client - anyconnect, and have not), and Web Server for creating wireless authentication portal solution end to end

The AAA features were awesome and have important attributes, and also the security groups (SGTs) concept to enforce policies for each group of users, regardless they coming via wired or wireless network devices. also i see the guest authentication is very rich and easy tom implement 

We use Cisco ISE for network management, user access for enterprise clients, and advanced firewall support. We use Cisco ISE on domains and clients jointly with other network software utilities.

We use Cisco ISE to develop products for other people. We don't really use it in our system. We just buy it and implement it when our customers require ISE.

My primary use case is network address translation and layer 4 filtering.

We use this solution to authenticate the domain users and if someone is not the domain user to make them a guest.

I am a reseller. We also implement solutions for our clients. Currently, we have a client who is doing a proof of concept with different clients of their own.

We sell this product to many different clients here in Mexico for both retail and manufacturing plants.

Our clients use Cisco ISE (Identity Services Engine) to secure the access of the users. It's a great tool for access control functions.

It's a network access manager.

Our primary use case is to grant access to users, we deploy the bring your own device policy.

We are using Cisco ISE for limiting port access in our organization's building for wired and wireless networks.

My primary use case of this solution is to protect the website from web attacks. 

We mainly use it for authenticating devices on our network.

The solution is primarily used for authentification purposes. 

We use this solution to monitor and secure devices on our network.

Our company doesn't use Cisco ISE internally. We act as the solution reseller. Our business model is set up to provide a network-based approach for adaptable, trusted access to our clients. We provide our clients with intelligent, integrated protection through intent-based policy and compliance solutions.

My primary use case for this solution is as a server for my networking devices.

We are an ISP and we are working on providing ISP solutions for companies. For that reason, we are trying to deploy ISE or other technologies.

We are a solution provider and we provide Cisco products, including ISE, to our customers.

This product is used to facilitate the connection of a local network to wireless access. This allows us to restrict users and their access.

• Wireless Control Solutions
• Physical Port Access Control
• Changing switch configuration records and account controls.