ZNDP 032 - Cisco ISE Client Authentication Design with Andy Richter - Zigbits - Where Zigabytes are faster than Gigabytes

Podcast: Play in new window | Download

Today’s show is all about Cisco ISE Client Authentication Design with Guest Expert Andy Richter, who is a Security Practice Manager and Distinguished Engineer at Presidio. This episode is a follow up episode from ZNDP # 29 – Cisco ISE Authentication Design! In this episode we are focusing on the Client Authentication piece of the puzzle. Andy and I talk about Supplicants, PEAP, EAP-TLS, EAP-Chaining, AnyConnect NAM, and much more! So much Tech in this episode so lets get to it!

Cisco ISE Client Authentication – Methodologies Overview

Discussion of general supplicant capabilities and limitations
Password vs certificate inner methods
Go over TLS tunnel for outer security – Preventing rogue WLANs
Server certificate trust design – Wildcard Certs and SAN Certs
User vs Machine

Cisco ISE Client Authentication – Supplicants

Windows Native

GPO
PEAP
EAP-TTLS
EAP-TLS
Prevent Guest access

Anyconnect NAM

MIX methods
EAP-Chaining – EAP-fast overview
Corp SSID
Wired Switching

Mac OSX

MDM/JAMF provisioned
PEAP
TLS

Term of the Show:

What is a Supplicant?

Guest Expert: Andy Richter

Today we welcome back my good friend Andy Richter as our guest Expert! Andy is a Full-on Cisco ISE Expert, he has written one of the best Cisco ISE Books that I still personally use as a reference today. He is actually the reason I learned ISE in the first place and he personally taught me some of the basics of ISE day one. He currently is a Distinguished Engineer and Security Practice Manager at Presidio!

How to engage with Andy further:

Twitter: https://twitter.com/quasinerd

LinkedIn: https://www.linkedin.com/in/andy-richter-b55a771/

Publications:
- Practical Deployment of Cisco Identity Services Engine (ISE)

Call to Action:

What topics would you like us to spotlight on our next Design episode?

Mentoring and Coaching with Zig:

Through your participation in a healthy mentoring and coaching relationship, you will benefit greatly from the education, the experiences, the influences, leadership and even the resources provided. Learn how you can accomplish more, in one year, than you could accomplish in your career…in your business…and in your life.

Accomplish More Now!!

Ask Zig:

Ask Zig episodes feature answers to the questions that you provide. Yes You! The questions can be technical, business, certification, or personal related. I can help out in all of these areas and much more. If you would like your question spotlighted and answered on the next #AskZig episode submit them now!

Submit Your #AskZig Question Now!!

Provide Feedback

You can leave a comment on the blog!
You can leave a voicemail at (617) 913-4103
You can email us at Feedback@zigbits.tech

Engage with Zigbits further:

Subscribe to the podcast on an iPhone or on an Android
Follow Zigbits on Twitter!
Follow Zigbits on LinkedIn!
Follow Zigbits on Facebook!

Engage with me further:

Follow me on Twitter!
Follow me on LinkedIn!

Transparency:

This post may contain affiliate links to products or services were I may receive a level of compensation from your actions by following those links. This is seamless to you and does not add any additional cost to the products or services in question. In addition, I do not let any affiliate relationship cloud my judgement or my recommendation of a product or service. My recommendations will always be above reproach. This is my commitment to you Ziglets!