Cisco ISE

What is Cisco ISE

Cisco Identity Services Engine is network administration service that CSPD utilises to control access to the network.

ISE utilises Active Directory and Microsoft Intune to ensure all devices meet our known device/ known user policy.

Cisco ISE is utilised on our WPA2 Enterprise networks. CEDP Register, CEDP EdNet, CEDP Devices, CEDP Guest.

Wireless

CEDP Register

Users must first connect to CEDP Register network to enrol their devices onto the network. Users will authenticate via 802.1x using their AD credentials.

After enrolment ISE will verify that the device is enrolled and compliant in inTune, and then allow connectivity to CEDP EdNet.

CEDP EdNet

Users that are enrolled and compliant will be given access to connect to CEDP EdNet, they will authenticate via 802.1x using their AD credentials.

CEDP Guest

Users that are visiting a CEDP School have the ability to connect to our Guest network. ISE controls the guest portal and guest credentials.

Please Note: Devices that have connected to CEDP Guest, will be unable to connect to CEDP EdNet

The guide for connecting to Guest can be found here:

CEDP Devices

For devices (such as IoT) that do not accept 802.1x credentials, are able to connect to the CEDP Devices Network. This network is a WPA2 network, however is controlled by ISE via Mac Address.

For devices to connect, the mac address must be entered into ISE under the correct group. The device is then connected to the network via an identity pre-shared key (iPSK)

Each group has a different iPSK.