ISE (Identity Services Engine) Basic Configuration and Commands

Cisco Switch Dot1x Config:

Configuring Global AAA Parameters:

conf t
username admin privilege 15 secret Cisco123
aaa new-model
aaa authentication login default local
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius

radius server Our-ISE
address ipv4 192.168.1.105 auth-port 1812 acct-port 1813
key Cisco123
automate-tester username testuser
exit

aaa group server radius Our-Group
server name Our-ISE
exit

radius-server dead-criteria time 3 tries 3
radius-server deadtime 15
aaa server radius dynamic-author
client 192.168.1.222
server-key Cisco123
exit

ip radius source-interface gig 0/1
radius-server vsa send authentication
radius-server vsa send accounting

dot1x system-auth-control
ip device tracking
end

wr

Switch Port Configuration:

conf t
vlan 10,20,30,80,999

int range fa 0/1-8
switchport host
switchport access vlan 999
authentication priority dot1x mab
authentication order dot1x mab
authentication event fail action next-method
authentication event server dead action authorize vlan 10
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 5
authentication port-control auto
end

wr

Verification and Troubleshooting:
show int status (to check which VLANs the interfaces are in)
show vlan brief (to see if the VLAN now exists and an authenticated port is assigned to it)
show authentication sessions
show authentication sessions int fa 0/1 (MAC/IP/user/status/DACL/success/failure)

ISE:
Operations > RADIUS > Live Logs > magnifying glass (detail). The detail view shows the matching 5200 (successful) policy set, authentication policy and authorization policy, as well as the switch/NAS IP and the switch port number.
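
A port in the range that is missing `authentication port-control auto` stays unauthenticated, and the show commands above only reveal that one port at a time. The following Python check is an added example, not part of the original notes: it audits a saved config for the global and per-port 802.1X commands used on this page. The function names and the sample config are constructed for illustration.

```python
REQUIRED_GLOBAL = (
    "aaa new-model",
    "aaa authentication dot1x default group radius",
    "dot1x system-auth-control",
)
REQUIRED_PORT = ("authentication port-control auto", "dot1x pae authenticator")

# Constructed sample: fa 0/1-8 follows the page, fa 0/9 is deliberately incomplete.
SAMPLE = """\
aaa new-model
aaa authentication dot1x default group radius
dot1x system-auth-control
int range fa 0/1-8
authentication order dot1x mab
mab
dot1x pae authenticator
authentication port-control auto
int fa 0/9
switchport access vlan 999
authentication order dot1x mab
dot1x pae authenticator
end
"""

def _check_port(port, body, findings):
    for cmd in REQUIRED_PORT:
        if cmd not in body:
            findings.append(f"{port}: missing '{cmd}'")
    order = next((l for l in body if l.startswith("authentication order ")), "")
    if "mab" in order.split() and "mab" not in body:
        findings.append(f"{port}: 'mab' is in the method order but not enabled")

def audit_dot1x(config):
    """Return a list of findings for a flat IOS config (no indentation needed)."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    findings = [f"global: missing '{c}'" for c in REQUIRED_GLOBAL if c not in lines]
    port, body = None, []
    for line in lines + ["end"]:          # sentinel closes a trailing block
        word = line.split()[0]
        starts_port = len(word) >= 3 and "interface".startswith(word)
        if starts_port or line in ("end", "exit", "!"):
            if port is not None:
                _check_port(port, body, findings)
            port, body = (line, []) if starts_port else (None, [])
        elif port is not None:
            body.append(line)
    return findings

if __name__ == "__main__":
    print("\n".join(audit_dot1x(SAMPLE)) or "no findings")
```

The check matches commands exactly as typed on this page, so abbreviated or reordered keywords in a real running config would need normalising first.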


Network/Cyber/Cloud/Information Security and GRC (Governance, Risk, Compliance)/IT Management and Strategy/Project Management

ISO/IEC 27001 and 27002

ISO/IEC 27001 and 27002 (International Standards Organization/International Electrotechnical Commission) are international standards for ISMS (Information Security Management Systems). There are 10 sections known as clauses, and 4.0 to 10.0 are mandatory. Clause 6.0 requirements are also called Annex A, which has 14 sections and 114 clauses.

https://www.itgovernance.co.uk/blog/iso-27001-the-14-control-sets-of-annex-a-explained

https://www.isms.online/iso-27001/requirements-controls/