Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
205
Views
2
Helpful
2
Replies

ISE authentication and authorization for Microsoft Azure AutoPilot

Go to solution
mannycho
Level 1
Level 1

‎04-09-2024 06:25 PM

Hello

I have a couple of questions about ISE and Azure.

1.) What ISE external identity source integration works with Microsoft Azure so I can authenticate endpoints / computers that use Azure AutoPilot

2. How do I automatically get certificates on thousands of computers that are not members of a domain? (GPO won't work here)

3. If I want ISE to perform machine and user authentication and authorization for computers and users that are not members of AD domain, but are using Azure autopilot, how can I achieve that?

 

Thanks

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎04-09-2024 06:49 PM

The current available options for Authentication and/or Authorisation of Users/Devices against Entra ID are discussed in this post:
https://community.cisco.com/t5/security-knowledge-base/cisco-ise-with-microsoft-active-directory-azure-ad-and-intune/ta-p/4763635

Certificates for Entra Joined endpoints would need to be enrolled using Intune. This would happen as part of the Autopilot process and ISE would have no control over this process.

View solution in original post

2 Replies 2

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee

‎04-09-2024 06:49 PM

The current available options for Authentication and/or Authorisation of Users/Devices against Entra ID are discussed in this post:
https://community.cisco.com/t5/security-knowledge-base/cisco-ise-with-microsoft-active-directory-azure-ad-and-intune/ta-p/4763635

Certificates for Entra Joined endpoints would need to be enrolled using Intune. This would happen as part of the Autopilot process and ISE would have no control over this process.

Go to solution
mannycho
Level 1
Level 1
In response to Greg Gibbs

‎04-12-2024 11:27 AM

Thanks Greg,

 

The link was very helpful. What is the acceptable latency for radius authentication from the endpoints connected network access devices to ISE when hosted in Azure?

0 Helpful
Customers Also Viewed These Support Documents