Brief understanding of what Zero Trust is, what the history is that got us where we are today, and what gap exists between true ZT & the capabilities in the industry today.

In order to use Cisco Security Connector (CSC) for iOS, the endpoint must first be in supervised mode and managed by an MDM. The easiest way to manage Apple iOS devices is to use Apple's Device Enrollment Program (DEP); which is now rolled into their new Apple Business Manager (ABM) program. However, there are certainly … Continue reading Using Configurator 2 to prep iOS for CSC →

So I am often asked this question, so I figured I would blog it & then be able to just send a link to the blog to the next person(s) who ask this question. The magic question I'm referring to is: "how do I configure an email notification for events in AMP". I guess I … Continue reading Configuring Notifications with Cisco AMP →

Thanks for joining me!  I am creating this as a location to blog without filter and without restriction. This is a work in progress, but I will be bringing my previous blog posts into this site and adding FULL blog entries instead of the limited ones my previous blog was restricted to. So much time … Continue reading The Journey Begins →

When we added a certificate authority (CA) to Cisco's ISE in version 1.3, there was a tremendous interest level from the field.  Companies were looking for this functionality to make BYOD and secure network access from endpoints more secure and there was a LOT of buzz about this functionality. As the guy who flew all … Continue reading Cisco ISE API for Certificate Provisioning →

In ISE 1.0 Cisco introduced an integrated Guest solution with a next-generation RADIUS-based policy server.  That policy server was game-changing, certainly.  Other companies responded to this market changing model by making some very strategic moves with their chess pieces to be similarly positioned. Figure 1 shows an example of the ISE 1.2.x (and below) Sponsor … Continue reading Give me my Attribute mapping back for Sponsor Groups →

I'm amused at how often I hear negative comments about proprietary enhancements from Cisco.  I am one of many (many, many, many) employees of Cisco who is actively involved in standards body organizations, including the IETF.  Many of today's networking standards have started out as proprietary solutions that are available years prior to the standard being complete. … Continue reading Standards for Secure-Network-Access →

I'm sure Cisco would love to be the only network device that its customer have, and to be honest, there are many companies where that is true. However, it is just not the reality of 100% of companies that deploy Cisco ISE or ACS. One item in particular that I am asked about frequently is … Continue reading MAB with Non-Cisco Devices →

I find a few universal truths when mentioning certificates to people. Most people I speak with consider them to be a very secure concept almost without fail. However upon mentioning that I want to talk about certificates: that person's face turns a slightly lighter shade, their eyes get a bit wider, and they have this … Continue reading Simply Put: How Does Certificate-Based Authentication Work? →