ISE Certificate Authentication
When deploying Cisco ISE for Network Access Control using 802.1X, the most common authentication protocols used are PEAP/MSCHAPv2 or EAP-TLS, and to a lesser extent EAP-FAST and TEAP. PEAP/MSCHAPv2 is…
ISE Adaptive Network Control (ANC)
Adaptive Network Control (ANC) is a feature of Cisco Identity Services Enginer (ISE) that can be used to monitor and control network access of authenticated endpoints. With ANC you have…
MACSec switch-to-host
MACsec provides secure communication on wired networks; it encrypts each packet on the wire so that communication cannot be monitored. There are 2 deployment types:- Switch-host (user facing/downlink) MACsec or…
FTD FQDN objects
The FQDN ACL feature allows the Firepower Threat Defense (FTD) firewall to use FQDN objects in the Access Control Policies (ACP). For this functionality to work, the FTD must be…
FTD Traffic Zones (ECMP)
Cisco Secure Firewall (FTD) Firewall supports Equal Cost Multi-Path (ECMP) routing using traffic zones to group interfaces to load balance traffic over multiple interfaces. ECMP supports asymmetric routing and load…
FTD DNS Security
Cisco FTD DNS based Security Intelligence allows you to identify a suspicious DNS query and blacklist the resolution of the dubious domain. When using DNS security provided by the FTD,…