I'm currently browsing for Cisco ISE alternatives that aren't so complex since we're a small division of a much larger company. Here is what we're doing with ISE right now:
We have multiple clients on our property that all need to be on their own dedicated VLAN. As of right now, we use Cisco ISE to create usernames/passwords to give to our users and with that, they can get onto our Wi-Fi and hardline connections and will be assigned the VLAN that their username is associated with.
Example: Joe Shmoe needs credentials to get onto the internet. A request will come in and I create a username/password for him and assign those credentials to the VLAN they're working on. He'll then connect to our SSID, enter his username/password, open a web page and accept the terms of service. If he was connecting hardline instead, he'll connect the Ethernet cable, open a browser, navigate to a website and a login page will pop up that has the terms of service displayed as well. Once he enters his username/password, he clicks sign on and he's online.
On our end, we can reset passwords, disable/enable usernames, and move credentials to a different VLAN if someone moves to another project.
What I'm looking for is something that can replace that but get the users to be able to create their own credentials. Essentially have the user go to a customer portal, fill out the necessary information, pick the project they're working on from a drop down menu and input a security PIN associated with that project and they'll be able to create their own credentials. The PIN would be used to prevent anyone from creating usernames on other projects when they're not allowed.
Is there something that would fit my wish list?
As for devices like printers/smart TVs/gaming console, we connect them via Ethernet and assign it a static IP. If it needs to be on Wi-Fi, I get the MAC address and assign it the correct VLAN and connect it to our hidden SSID which will then give it an IP based on which VLAN I told it to go.
Let me know if you need more information. Thanks in advance.
No comments:
Post a Comment