Hi Everyone,
I have been tasked to implement Cisco ISE for a mid-sized hospital (2000+ endpoints) to authenticate users and grant access to network ( wired and wireless). If computer is a member of the domain, you get normal access and if not then dumped the machine to guest VLAN. For IoT, we would implement MAB authentication. For domain machines, I would prefer to authenticate using certificates.
Here are some challenges: The current user VLANs are per floors with /24. So what would be the best strategy here to dynamically assign vlans for domain machines.
or Use Dynamic vlan assignment for IoT devices only such as Camera, Access Control, HVAC etc.
What would be best use case for hospital environment ?
Thanks!
No comments:
Post a Comment