Skip to Content

Cisco ISE

Cisco ISE surfaces TrustSec: security groups (SGTs), SGACLs, the policy matrix, SXP mappings, endpoints and network access devices.

Open a device from the Devices page or the sidebar to reach these tabs.

Overview

A summary of TrustSec posture for this ISE deployment.

Overview

Security Groups

Security Group Tags (SGTs); orphaned SGTs not referenced by any policy are highlighted.

Security Groups

SGACLs

Security Group ACLs that enforce SGT-to-SGT policy.

SGACLs

Policy Matrix

The TrustSec policy matrix: source SGT by destination SGT, resolving to an SGACL.

Policy Matrix

SXP

SXP peer connections propagating IP-to-SGT bindings.

SXP

Endpoints

Hosts learned on this device (by MAC, ARP, DHCP snooping, CDP/LLDP and 802.1X) enriched with vendor (OUI) and identity.

Endpoints

NADs

Network Access Devices registered to ISE.

NADs

Changes

Configuration changes over time, correlated to the responsible admin where audit data is available. Cards expand to a field-level diff.

Changes

Last updated on