some mobile device managers and identity providers for
single sign-on. ISE can seamlessly integrate with all such
external identity stores and deliver network access
control.
Figure 11-9 shows how Cisco ISE integrates with
endpoints, networking devices, and external services.
Figure 11-9 ISE: Components and Deployment
Once a profile gets associated, various policies can be
enforced. These policies could be the following:
Time-based: Policies can allow specific devices only at particular
times.
Location-based: Each network element has a piece of location
information, and devices connected have specific policies attached.
Compliance based: Policies can ensure that endpoints have all
software patches before they are granted full access.ISE REST APIs
The Cisco DevNet site
https://developer.cisco.com/site/security/ provides
details of all API docs located at
https://developer.cisco.com/docs/identity-services-
engine/. In addition, you can find other resources within
the DevNet Sandbox, and you can reserve and use Cisco
ISE there.