overview

  1. A device connects to the network (wired, wireless, or VPN).
  2. Cisco ISE receives an access request via RADIUS (from a switch, WLC, etc.).
  3. ISE:
    • Authenticates the user/device (e.g., via Active Directory)
    • Profiles the device (e.g., OS, vendor)
    • Checks policy conditions (who, what, where, posture)
    • Authorizes access (e.g., VLAN assignment, ACLs)
    • Logs session info (accounting)
If the device fails checks, ISE can quarantine it, block it, or redirect it for remediation.
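Step 2 above, shown as an added example (not Cisco code): a minimal RFC 2865 Access-Request decoder that pulls out the attributes a policy server can use as who/what/where inputs. The sample packet, user name, addresses and helper names are constructed for illustration.

```python
import ipaddress
import struct

# RFC 2865 attribute types decoded here; others are kept as raw bytes.
ATTRS = {1: "User-Name", 4: "NAS-IP-Address", 31: "Calling-Station-Id", 61: "NAS-Port-Type"}
PORT_TYPES = {5: "Virtual", 15: "Ethernet", 19: "Wireless-802.11"}

def build_access_request(attrs, ident=1):
    """Build a constructed Access-Request (code 1) with a zeroed authenticator."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH16s", 1, ident, 20 + len(body), bytes(16)) + body

def parse_access_request(pkt):
    """Decode the attributes of an Access-Request, rejecting malformed input."""
    if len(pkt) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", pkt[:4])
    if code != 1:
        raise ValueError("not an Access-Request")
    if length < 20 or length > len(pkt):
        raise ValueError("length field does not match the packet")
    out, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        t, alen = pkt[pos], pkt[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("attribute length runs past the packet")
        value = pkt[pos + 2:pos + alen]
        if t in (4, 61) and len(value) != 4:
            raise ValueError("attribute %d must carry 4 bytes" % t)
        if t == 4:    # where: the switch/WLC that relayed the request
            value = str(ipaddress.IPv4Address(value))
        elif t == 61:  # where: wired, wireless or VPN (virtual) port
            value = PORT_TYPES.get(struct.unpack("!I", value)[0], "other")
        elif t in ATTRS:  # who (User-Name) / what (endpoint MAC)
            value = value.decode("utf-8", "replace")
        out[ATTRS.get(t, t)] = value
        pos += alen
    return out

# Constructed sample: a wired 802.1X request relayed by a switch (all values made up).
SAMPLE = build_access_request([
    (1, b"alice"),
    (4, ipaddress.IPv4Address("192.0.2.10").packed),
    (31, b"00-11-22-33-44-55"),
    (61, struct.pack("!I", 15)),
])
```

Calling `parse_access_request(SAMPLE)` returns a dictionary keyed by attribute name; packets with a wrong length field or a malformed attribute raise `ValueError` instead of being partially decoded.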

ISE virtual appliances are supported on the following on-premises and cloud platforms:

  • VMware ESXi 6.5, 6.7 and 7.x
  • KVM on Red Hat 7.x
  • Microsoft Hyper-V on Microsoft Windows Server 2012R2 and later
  • Nutanix AHV
  • VMware Cloud
  • Amazon Web Services
  • Azure Web Services

For ISE physical appliance details, refer to the Cisco Secure Network Server datasheet.

resources

What data collection methods does Cisco ISE use for device profiling?

Primary Collection Method

  • DHCP | DNS | HTTP | RADIUS | NMAP | SNMP | AD | Netflow

Device Sensor

  • CDP | LLDP | H323 | SIP | MDNS 

Cisco Secure Client 

  • AnyConnect Identity Extensions (ACIDex)

NOTE: ISE has 550 built-in device profiles.