In any operational data network, the two high-level outcomes are connectivity and isolation. If every device can connect to every other device, the network is relatively easy to build but inherently insecure. If a network fully isolates all forms of traffic, it is unusable.
Between these two extremes of connectivity and isolation exists an optimal balance for any organization.
In this white paper, we discuss how to achieve that optimal balance by implementing 802.1X with Cisco ISE. 802.1X is your first line of defense.
An important question to ask when dealing with a data network is where security should be applied. If an intruder or unauthorized user attempts to access a network, the best place to apply security is as close to the source as possible.
That’s exactly where the 802.1X protocol comes in.
802.1X was specifically designed to be the first security access protocol for any type of computing device attempting to access a network, whether by a wired connection, a wireless access point, or a virtual private network (VPN). 802.1X operates only at the point where a user first attempts to access a network, which also means that it plays no role in the core of any network.
802.1X is a formal standard from the Institute of Electrical and Electronics Engineers (IEEE), which means that different vendors can create unique products that all work together through this common standard. 802.1X allows authenticated users to connect appropriately to the network, and unauthenticated users to be effectively isolated.