--> ISE Supports three types of authentication methods for the clients that are connected to the network.
1) MAC Authentication Bypass
2) 802.1x
3) Web Authentication
1) MAC Authentication Bypass
--> Authentication is performed based upon MAC Address
--> MAB Authentication is transparent user as it is done without any user interaction.
--> MAB method is simple to implement compared to other authentication methods.
--> Used on Ports where servers/routers/firewalls are connected to switch ports.
--> All Mac Addresses are needed to be added manually in ISE Appliance.
--> MAB Authentication does not restrict the user who is logging into endpoint, as authentication is based upon MAC Address.
2) 802.1X
--> Authentication based upon User Credentials based upon Internal/External User Database.
--> 802.1x is More Secure compared to MAC Authentication Bypass.
--> Devices must be 802.1x compliant or enabled.
--> Prevents unauthorized users from accessing the endpoint/device
3) Web Authentication
--> In case of Web Authentication, Users are authenticated by redirecting to the portal using the temporary/permanent username and password.
--> Web Authentication is implemented on the devices which are not compliant with 802.1x as well as for guest access to the network.
Md.Kareem
CCIE 54759
1) MAC Authentication Bypass
2) 802.1x
3) Web Authentication
1) MAC Authentication Bypass
--> Authentication is performed based upon MAC Address
--> MAB Authentication is transparent user as it is done without any user interaction.
--> MAB method is simple to implement compared to other authentication methods.
--> Used on Ports where servers/routers/firewalls are connected to switch ports.
--> All Mac Addresses are needed to be added manually in ISE Appliance.
--> MAB Authentication does not restrict the user who is logging into endpoint, as authentication is based upon MAC Address.
2) 802.1X
--> Authentication based upon User Credentials based upon Internal/External User Database.
--> 802.1x is More Secure compared to MAC Authentication Bypass.
--> Devices must be 802.1x compliant or enabled.
--> Prevents unauthorized users from accessing the endpoint/device
3) Web Authentication
--> In case of Web Authentication, Users are authenticated by redirecting to the portal using the temporary/permanent username and password.
--> Web Authentication is implemented on the devices which are not compliant with 802.1x as well as for guest access to the network.
Md.Kareem
CCIE 54759
Super Duper Explanation
ReplyDelete