Cisco Identity Services Engine Network Component Compatibility, Release 1. Table of Contents. Cisco Identity Services Engine Network Component Compatibility, Release 1. Supported Network Access Devices. Supported AAA Attributes for Third- Party VPN Concentrators. Supported External Identity Sources. RADIUSRFC Standards. ![]() Supported Browsers for the Admin Portal. Supported Virtual Environments. Supported Client Machine and Personal Device Operating Systems, Supplicants, and Agents. Cisco NAC Agent Interoperability Between Cisco NAC Appliance and Cisco ISEClient Machine Operating Systems and Agent Support in Cisco ISESupported Operating Systems and Browsers for Sponsor, Guest, and My Devices Portals. Supported Devices for On- Boarding and Certificate Provisioning. Requirements for CA to Interoperate with Cisco ISEDocumentation Updates. Related Documentation. Release- Specific Documents. Platform- Specific Documents. Obtaining Documentation and Submitting a Service Request. Cisco Identity Services Engine Network Component Compatibility, Release 1. Revised: February 2. OL- 2. 70. 42- 0. This document describes Cisco Identity Services Engine (ISE) compatibility with switches, wireless LAN controllers, and other policy enforcement devices as well as operating systems with which Cisco ISE interoperates. Supported Network Access Devices. Cisco ISE supports interoperability with any Cisco or non- Cisco RADIUS client network access device (NAD) that implements common RADIUS behavior (similar to Cisco IOS 1. For a list of supported authentication methods, see the “Configuring Authentication Policies” chapter of the Cisco Identity Services Engine User Guide, Release 1. Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical web browsers. Table of Contents. Cisco Identity Services Engine Network Component Compatibility, Release 1.2.x. Supported Network Access Devices. Supported AAA Attributes for Third. Your best two options for cleaning up temporary data are the built-in Disk Cleanup tool and CCleaner. We’ve already discussed how to use these and other tools to. InformationWeek.com: News, analysis and research for business technology professionals, plus peer-to-peer knowledge sharing. Engage with our community. Certain advanced use cases, such as those that involve posture assessment, profiling, and web authentication, are not consistently available with non- Cisco devices or may provide limited functionality, and are therefore not supported with non- Cisco devices. In addition, certain other advanced functions like central web authentication (CWA), Change of Authorization (Co. A), Security Group Access (SGA), and downloadable access control lists (ACLs), are only supported on Cisco devices. For a full list of supported Cisco devices, see Table 1. The NADs that are not explicitly listed in Table 1 and do not support RADIUS Co. A must use inline posture. For information on enabling specific functions of Cisco ISE on network switches, see the Switch and Wireless LAN Controller Configuration Required to Support Cisco ISE Functions appendix of the Cisco Identity Services Engine User Guide, Release 1. ![]() Note Some switch models and IOS versions may have reached the end- of- life date and interoperability may not be fully supported. Caution To support the Cisco ISE profiling service, use the latest version of Net. Flow, which has additional functionality that is needed to operate the profiler. If you use Net. Flow version 5, then you can use version 5 only on the primary NAD at the access layer, as it will not work anywhere else. Table 1 Supported Network Access Devices Access Switches. Web Auth. Session Co.A. Device Sensors. . Minimum OS. Catalyst 2. ![]() ISR Ether. Switch ES2 (Catalyst 2. S, Catalyst 2. 96. C LAN Base)IOS v 1. SE3. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. No. Catalyst 2. SF, Catalyst 2. 96. Plus. IOS v 1. 5. SE (ED) LAN BASE 4. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. No. Catalyst 2. 96. XR, Catalyst 2. 96. X IOS v 1. 5. 0. 2- EX3 (ED)Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. No. Catalyst 3. 56. 0- C Catalyst 3. E, ISR Ether. Switch ES3 Catalyst 3. XIOS v 1. 5. 0. 2- SE2 (ED)Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Catalyst 3. 75. 0- GIOS v 1. SE3. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. Catalyst 3. E Catalyst 3. 75. XIOS v 1. 5. 0. 2- SE2 (ED) IP BASEYes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Catalyst 3. 85. 0, 3. IOS XE 3. 2. 2 SEYes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. Catalyst 4. 50. 0 Supervisor Engine 7- E, 7. L- EIOS- XE v 3. 4. SG (ED)Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Catalyst 4. Supervisor Engine 6- E, 6. L- EIOS v 1. 5. 1. SG (ED)Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Catalyst 6. Supervisor 3. 2/Supervisor 7. IOS v 1. 2. 2(3. 3)- SXJ5 (MD)Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. Device. Recommended OS Version. Web Auth. Session Co. A. d. ACL/ Named ACL. Trust. Sec. Device Sensors. Wireless LAN Controller (WLC) 2. ED)No 7. Yes. No. Yes. Yes. Yes. Yes. No. No. Wireless LAN Controller (WLC) 4. ED)No 7. Yes. No. Yes. Yes. Yes. Yes. No. No. Wireless LAN Controller (WLC) 2. ED), 7. 4. x, 7. 5 Yes 9. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Wireless LAN Controller (WLC) 5. ED), 7. 4. x, 7. 5. Yes 9. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Wireless LAN Controller (WLC) 7. ED), 7. 4. x, 7. 5 Yes 9. Yes. Yes. Yes. Yes. Yes. Yes. No. Yes. Wireless LAN Controller (WLC) 8. ED), 7. 4. x, 7. 5 Yes 9. Yes. Yes. Yes. Yes. Yes. Yes. No. Yes. Wi. SM1 Blade for 6. ED)No 7. Yes. No. Yes. Yes. Yes. Yes. No. No. Wi. SM2 Blade for 6. ED)No 7. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. WLC 5. 76. IOS XE 3. 2. 2 SEYes. Yes. Yes. Yes. Yes. Yes. Yes. Yes. No. Routers. Recommended OS Version. Web Auth. Session Co. A. d. ACL/ Named ACL. Trust. Sec. Device Sensors. WLC for ISR (ISR2 ISM, SRE7. SRE9. 00)7. 3. 1. ED)No 7. Yes. No. Yes. Yes. Yes. Yes. No. No. ISR 8. 8x, 8. Series 1. 01. 5. 3. T(ED)Yes. Yes. No. LWA (L3)Yes. Yes. No. Yes (IPsec) No. ISR 1. 9x, 2. 9x, 3. Series 1. 01. 5. 3. T(ED)Yes. Yes. No. LWA (L3)Yes. Yes. Yes. Yes (IPsec) No. Remote Access. Recommended OS Version. Web Auth. Session Co. A. d. ACL/ Named ACL. Trust. Sec. Device Sensors. Cisco ASA 5. 50. 0 and 5. X Series(for remote access only)ASA 9. NANANANAYes 1. 1Yes. Yes. Yes. No. Supported AAA Attributes for Third- Party VPN Concentrators. For third- party VPN concentrators to integrate with Cisco ISE and Inline Posture nodes, the following authentication, authorization, and accounting (AAA) attributes must be included in RADIUS communication: Calling- Station- Id (for MAC_ADDRESS)USER_NAMENAS_PORT_TYPEAlso, for VPN devices, the RADIUS accounting message must have the framed- ip- address attribute set to the VPN client’s IP address pool. Supported External Identity Sources. Refer to Release Notes for the Cisco Identity Services Engine, Release 1. Table 2 Supported External Identity Sources External Identity Source. OS/Version. Microsoft Windows Active Directory 2. Microsoft Windows Active Directory 2. R2—Microsoft Windows Active Directory 2. Microsoft Windows Active Directory 2. R2—Microsoft Windows Active Directory 2. Microsoft Windows Active Directory 2. R2 1. 5—LDAP Servers. Sun. ONE LDAP Directory Server. Version 5. 2. Open. LDAP Directory Server. Version 2. 4. 2. 3Token Servers. RSA ACE/Server. 6. RSA Authentication Manager. Any RADIUS RFC 2. RADIUSCisco ISE interoperates fully with third- party RADIUS devices that adhere to the standard protocols. Support for RADIUS functions depends on the device- specific implementation. RFC Standards. Cisco ISE conforms to the following RFCs: RFC 2. Remote Authentication Dial In User Service (RADIUS) RFC 2. RADIUS Accounting RFC 2. Remote Authentication Dial In User Service (RADIUS) RFC 2. RADIUS Accounting RFC 2. RADIUS Accounting Modifications for Tunnel Protocol Support. Supported Browsers for the Admin Portal. Mozilla Firefox version 5. Windows, Mac OS X, and Linux- based operating systems). Windows Internet Explorer 8. Note The Cisco ISE Admin portal does not support using the Microsoft IE8 browser in its IE7 Compatibility Mode (the Microsoft IE8 is supported in its IE8- only mode). Adobe Flash Player 1. The minimum required screen resolution to view the Cisco ISE Admin portal and for a better user experience is 1. Supported Virtual Environments. Cisco ISE supports the following virtual environment platforms: VMware ESX 4. VMware ESXi 4. x. VMware ESXi 5. x. Supported Client Machine and Personal Device Operating Systems, Supplicants, and Agents. Client Machine Operating Systems and Agent Support in Cisco ISE lists the supported client machine operating systems, browsers, and agent versions supporting each client machine type. For all devices, you must also have cookies enabled in the web browser. Note All standard 8. X supplicants can be used with Cisco ISE, Release 1. Cisco ISE. (For information on allowed authentication protocols, see the “Managing Authentication Policies” chapter of the Cisco Identity Services Engine User Guide, Release 1. For the VLAN change authorization feature to work in a wireless deployment, the supplicant must support IP address refresh on VLAN change.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
October 2017
Categories |