--> Guest Portal is a way of providing the network access to the visitors/guests who are visiting less frequently unlike the employees of the organization.
--> Basically the guests require Internet access to access their corporate emails and other resources over the Internet.
--> Guest Access in the ISE can be provided by using Guest Portals.
--> There are three types of Guest Portals can be created on Cisco ISE:
1) HOTSPOT Guest Access
--> Contains Acceptable User Policy (AUP) and Does not require any kind of authentication.
--> Contains Acceptable User Policy (AUP) and Does not require any kind of authentication.
--> When guests connect to the hotspot network with a computer or mobile and try to access any website over the Internet they will be automatically redirected to the hotspot portal when you can show them the banner of the company or Acceptable User Policy.
--> Once Guest/visitor clicks on AUP, The Guest Machine's MAC address will be stored in the database.
--> Hotspot Guest Access is recommended for guests who stay only one day to do their work in the company.
--> By using Hotspot Portal we can provide Internet access without the need for any authentication.
--> Optionally we can ask the Guest to enter the Access Code before providing Internet Access.
--> We can see this kind of Portals in Coffee Shops or Airports.
--> Once Guest/visitor clicks on AUP, The Guest Machine's MAC address will be stored in the database.
--> Hotspot Guest Access is recommended for guests who stay only one day to do their work in the company.
--> By using Hotspot Portal we can provide Internet access without the need for any authentication.
--> Optionally we can ask the Guest to enter the Access Code before providing Internet Access.
--> We can see this kind of Portals in Coffee Shops or Airports.
2) Sponsored Guest Access
--> Requires Guests/Visitors need to be authenticated before providing the network access.
--> Guest user accounts are created by Sponsors who are the employees of the organization.
--> The created Credentials can be sent to the guest using email/SMS or can be printed and provided.
--> Additionally the Sponsors can also approve accounts created by guests by visiting sponsor portal/Email.
--> Sponsored Guest Access is recommended for the visitors who stay in the organization for more than one week for their work.
3) Self Registered Guest Access
--> Requires users need to be authenticated before providing the network access.
--> Guest Accounts are created by the visitors by providing information such as email or phone number.
--> You may allow them the network access without any approval of the sponsor.
3) Self Registered Guest Access
--> Requires users need to be authenticated before providing the network access.
--> Guest Accounts are created by the visitors by providing information such as email or phone number.
--> You may allow them the network access without any approval of the sponsor.
--> The main difference between a self-registered guest portal and sponsored portal is, who is creating the account. In the case of Sponsored Portal, The employee is creating the guest account whereas the guest himself is creating the guest account in the self-registered guest portal.
--> Self Registered Guest Access is recommended when you want the guests to register themselves without having any employee approval to get the network access.
Reference: Cisco.com,
Md. Kareemoddin,
CCIE #54759
Super Duper Explanation
ReplyDelete