Explanation: Cisco ISE use cases can be classified into four categories: device management, asset visibility, software-defined segmentation, and software-defined access. Each of these use cases has a different level of implementation complexity, depending on the network size, topology, security requirements, and integration with other technologies. Among these use cases, software-defined segmentation and software-defined access typically involve the highest level of implementation complexity, because they require:
- A thorough understanding of the network architecture and design principles, such as hierarchical, modular, and scalable design.
- A comprehensive assessment of the network devices, endpoints, users, applications, and policies, and their interdependencies and interactions.
- A careful planning and testing of the network segmentation and access policies, using tools such as Cisco TrustSec, Cisco DNA Center, Cisco SD-Access, and Cisco ISE .
- A smooth and secure migration from the existing network to the software-defined network, with minimal disruption and downtime.
- A continuous monitoring and optimization of the network performance, security, and compliance, using tools such as Cisco Stealthwatch, Cisco Tetration, and Cisco ISE .
References:
Cisco Identity Services Engine (ISE) Use Cases, https://www.cisco.com/c/en/us/products/security/identity-services-engine/use-cases.html : Cisco Enterprise Network Architecture and Design, https://www.cisco.com/c/en/us/solutions/design-zone/networking-design-guides/enterprise-networking-design.html : Cisco ISE Network Discovery, https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_010011.html : Cisco TrustSec, https://www.cisco.com/c/en/us/solutions/enterprise-networks/trustsec/index.html : Cisco DNA Center, https://www.cisco.com/c/en/us/products/cloud-systems-management/dna-center/index.html : Cisco SD-Access, https://www.cisco.com/c/en/us/solutions/enterprise-networks/software-defined-access/index.html : Cisco ISE Software-Defined Access, https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_010110.html : Cisco SD-Access Migration Guide, https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-migration-guide.html : Cisco Stealthwatch, https://www.cisco.com/c/en/us/products/security/stealthwatch/index.html : Cisco Tetration, https://www.cisco.com/c/en/us/products/data-center-analytics/tetration/index.html : Cisco ISE Monitoring and Troubleshooting, https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_010100.html