Solved: Can I use the PC to open and view a WORD document, write an email etc, when the ISE is checking the ...

karl880234 · ‎07-17-2017

Our company plan to deploy ISE. According to the demo. of ISE by Cisco engineer, it takes time for ISE to conduct security policy enforcement and compliance check on endpoints after the successful authantication.

Some of our impatient users asked that can they use the PC to work, such as open and view a WORD document, write an email etc, when the ISE is checking the security compliance of the PC after the successful authantication.

Thank you.

Craig Hyps · ‎07-18-2017

Compliance check times will depend on type of checks--Posture, MDM, VA scanning, etc. In general, if a limited access policy has been applied during the assessment phase, then you can make a security policy decision as to allowable access in the assessment phase. They can certainly open local apps, but network communication will be governed by YOUR policy.

View solution in original post

Craig Hyps · ‎07-18-2017

Compliance check times will depend on type of checks--Posture, MDM, VA scanning, etc. In general, if a limited access policy has been applied during the assessment phase, then you can make a security policy decision as to allowable access in the assessment phase. They can certainly open local apps, but network communication will be governed by YOUR policy.

Can I use the PC to open and view a WORD document, write an email etc, when the ISE is checking the security compliance of the endpoint after the successful authantication?