Podcast: Play in new window | Download
Today’s show is all about Cisco ISE Client Authentication Design with Guest Expert Andy Richter, who is a Security Practice Manager and Distinguished Engineer at Presidio. This episode is a follow up episode from ZNDP # 29 – Cisco ISE Authentication Design! In this episode we are focusing on the Client Authentication piece of the puzzle. Andy and I talk about Supplicants, PEAP, EAP-TLS, EAP-Chaining, AnyConnect NAM, and much more! So much Tech in this episode so lets get to it!
Cisco ISE Client Authentication – Methodologies Overview
- Discussion of general supplicant capabilities and limitations
- Password vs certificate inner methods
- Go over TLS tunnel for outer security – Preventing rogue WLANs
- Server certificate trust design – Wildcard Certs and SAN Certs
- User vs Machine
Cisco ISE Client Authentication – Supplicants
Windows Native
- GPO
- PEAP
- EAP-TTLS
- EAP-TLS
- Prevent Guest access
Anyconnect NAM
- MIX methods
- EAP-Chaining – EAP-fast overview
- Corp SSID
- Wired Switching
Mac OSX
- MDM/JAMF provisioned
- PEAP
- TLS
Term of the Show:
- What is a Supplicant?
Guest Expert: Andy Richter
Today we welcome back my good friend Andy Richter as our guest Expert! Andy is a Full-on Cisco ISE Expert, he has written one of the best Cisco ISE Books that I still personally use as a reference today. He is actually the reason I learned ISE in the first place and he personally taught me some of the basics of ISE day one. He currently is a Distinguished Engineer and Security Practice Manager at Presidio!
How to engage with Andy further:
- Twitter: https://twitter.com/quasinerd
Call to Action:
- What topics would you like us to spotlight on our next Design episode?
Mentoring and Coaching with Zig:
Through your participation in a healthy mentoring and coaching relationship, you will benefit greatly from the education, the experiences, the influences, leadership and even the resources provided. Learn how you can accomplish more, in one year, than you could accomplish in your career…in your business…and in your life.
Accomplish More Now!!
Ask Zig:
Ask Zig episodes feature answers to the questions that you provide. Yes You! The questions can be technical, business, certification, or personal related. I can help out in all of these areas and much more. If you would like your question spotlighted and answered on the next #AskZig episode submit them now!
Submit Your #AskZig Question Now!!
Provide Feedback
- You can leave a comment on the blog!
- You can leave a voicemail at (617) 913-4103
- You can email us at Feedback@zigbits.tech
Engage with Zigbits further:
- Subscribe to the podcast on an iPhone or on an Android
- Follow Zigbits on Twitter!
- Follow Zigbits on LinkedIn!
- Follow Zigbits on Facebook!
Engage with me further:
Transparency:
This post may contain affiliate links to products or services were I may receive a level of compensation from your actions by following those links. This is seamless to you and does not add any additional cost to the products or services in question. In addition, I do not let any affiliate relationship cloud my judgement or my recommendation of a product or service. My recommendations will always be above reproach. This is my commitment to you Ziglets!