-
![[Day 115] Cisco ISE Mastery Training: Stealthwatch Threat‑Based Quarantine](https://networkjourney.com/wp-content/uploads/2025/08/Day-115-–-Cisco-ISE-Mastery-Training-Stealthwatch-Threat‑Based-Quarantine.png)
[Day 115] Cisco ISE Mastery Training: Stealthwatch Threat‑Based Quarantine
Introduction You’re the lead security engineer in a large financial enterprise. It’s Monday morning, and suddenly Stealthwatch starts flagging anomalous traffic from a user’s laptop in your corporate LAN. At first glance, nothing seems wrong — the user is just logged in and working. But […]
-
![[Day 116] Cisco ISE Mastery Training: SIEM Integration (Splunk, QRadar, ArcSight)](https://networkjourney.com/wp-content/uploads/2025/08/Day-116-–-Cisco-ISE-Mastery-Training-SIEM-Integration-Splunk-QRadar-ArcSight.png)
[Day 116] Cisco ISE Mastery Training: SIEM Integration (Splunk, QRadar, ArcSight)
Introduction Security telemetry is only useful if it’s collected, parsed, enriched, and acted upon. Cisco ISE holds critical identity, posture, and access events (802.1X, MAB, RADIUS Access-Accept/Reject, posture results, CoA actions, ANC), but those events must be consumed by your SOC fabric so correlation, detection […]
-
![[Day 117] Cisco ISE Mastery Training: Automated Incident Response via SIEM](https://networkjourney.com/wp-content/uploads/2025/08/Day-117-–-Cisco-ISE-Mastery-Training-Automated-Incident-Response-via-SIEM.png)
[Day 117] Cisco ISE Mastery Training: Automated Incident Response via SIEM
Introduction When seconds matter, your SOC can’t wait for humans to swivel-chair between alerts, switches, and identity stores. Automated incident response connects your SIEM detections to Cisco ISE enforcement so the moment Splunk/QRadar/ArcSight confirms a threat, ISE isolates the endpoint (ANC/DACL/SGT), revokes access (CoA), or […]
-
![[Day 118] Cisco ISE Mastery Training: REST API Advanced — Automating User Onboarding](https://networkjourney.com/wp-content/uploads/2025/08/Day-118-–-Cisco-ISE-Mastery-Training-REST-API-Advanced-–-Automating-User-Onboarding.png)
[Day 118] Cisco ISE Mastery Training: REST API Advanced — Automating User Onboarding
Introduction In the modern enterprise, manual onboarding of users is a bottleneck. Picture this: a new employee joins, HR requests IT to create credentials, IT manually adds them to ISE, assigns groups, emails credentials, and then configures device access. Multiply this by hundreds of employees, […]
-
![[Day 119] Cisco ISE Mastery Training: REST API Advanced – Automating Profiling](https://networkjourney.com/wp-content/uploads/2025/08/Day-119-–-Cisco-ISE-Mastery-Training-REST-API-Advanced-–-Automating-Profiling.png)
[Day 119] Cisco ISE Mastery Training: REST API Advanced – Automating Profiling
Introduction Profiling is how Cisco ISE fingerprints devices (IoT cameras, printers, IP phones, OT sensors, laptops) using probes (RADIUS, DHCP, CDP/LLDP, HTTP-UA, SNMP, NMAP, NetFlow, etc.). In large environments, manual tuning is too slow. REST/ERS + MNT APIs let you seed, enrich, re-profile, bulk-update, and […]
-
![[Day 120] Cisco ISE Mastery Training: Bulk Endpoint Management via API (ERS + OpenAPI)](https://networkjourney.com/wp-content/uploads/2025/08/Day-120-–-Cisco-ISE-Mastery-Training-Bulk-Endpoint-Management-via-API.png)
[Day 120] Cisco ISE Mastery Training: Bulk Endpoint Management via API (ERS + OpenAPI)
Introduction In real networks, endpoints don’t trickle in—they arrive in waves: 300 cameras for a new building, 1,000 scanners for a retail rollout, 2,500 laptops post-merger. Manually clicking through Context Visibility → Endpoints isn’t just slow—it’s operational debt that creates drift between policy intent and […]
-
![[Day 121] Cisco ISE Mastery Training: Automated Guest User Creation via API](https://networkjourney.com/wp-content/uploads/2025/08/Day-121-Cisco-ISE-Mastery-Training-Automated-Guest-User-Creation-via-API.png)
[Day 121] Cisco ISE Mastery Training: Automated Guest User Creation via API
Introduction Imagine you’re managing the network for a global enterprise campus or hospitality chain. Every single day, you’re bombarded with requests: “We have 200 guests for today’s event… Please create accounts for them.” If you’ve ever sat in the Cisco ISE GUI and painfully clicked […]
-
![[Day 122] Cisco ISE Mastery Training: Integration with Microsoft Intune](https://networkjourney.com/wp-content/uploads/2025/08/Day-122-–-Cisco-ISE-Mastery-Training-Integration-with-Microsoft-Intune.png)
[Day 122] Cisco ISE Mastery Training: Integration with Microsoft Intune
Introduction In today’s zero-trust enterprise networks, security is no longer about controlling who connects — it’s about ensuring the health and compliance of the device itself before granting access. Cisco Identity Services Engine (ISE) has long been the policy decision point (PDP) for identity-based network […]
-
![[Day 123] Cisco ISE Mastery Training: Integration with VMware Workspace ONE](https://networkjourney.com/wp-content/uploads/2025/08/Day-123-–-Cisco-ISE-Mastery-Training-Integration-with-VMware-Workspace-ONE.png)
[Day 123] Cisco ISE Mastery Training: Integration with VMware Workspace ONE
Introduction When we talk about modern NAC (Network Access Control), the real battlefield isn’t just user authentication — it’s device trust, compliance, and dynamic enforcement. Traditional methods that relied on MAC addresses or static profiling are broken by today’s realities: MAC randomization in iOS/Android/Windows, multi-device […]
-
![[Day 124] Cisco ISE Mastery Training: Okta Identity Federation](https://networkjourney.com/wp-content/uploads/2025/08/Day-124-–-Cisco-ISE-Mastery-Training-Okta-Identity-Federation.png)
[Day 124] Cisco ISE Mastery Training: Okta Identity Federation
Introduction In today’s enterprise world, the identity perimeter is no longer limited to Active Directory or on-prem LDAP directories. Organizations are adopting cloud-first strategies, and identity management is increasingly shifting to modern Identity Providers (IdPs) like Okta. Cisco ISE, being the policy brain of the […]
