- 1 appliance
- 150 endpoints
The Cisco Identity Services Engine (ISE) Guest service allows guests, visitors, contractors, consultants, or customers to perform an HTTP or HTTPS login to access a network whether that network is a corporate intranet or the public Internet. The network is defined through a VLAN and downloadable access control list (DACL) configuration in the network access device (NAD). The Cisco ISE Guest service allows any user with privileges to easily create temporary guest accounts and to sponsor guests. The Cisco ISE Guest Service performs full authentication of sponsors. The sponsors are users who create guest accounts. Cisco ISE allows sponsors to provide account details to the guest by printout, email, or short message service (SMS). The entire experience, from user account creation to guest network access, is stored for audit and reporting purposes. When a guest user first attaches to the local network, either through a wireless or hard-wire connection, the user is placed in a segregated network with limited access. You can define this segregated network through the VLAN and DACL configuration on the wireless LAN controller (WLC) or NAD. In order for a guest user to function properly, the WLC or NAD must support captive HTTP and HTTPS portal login scenarios where login URLs can be mapped to RADIUS servers. The Cisco ISE Guest Service offers a simple client configurable Sponsor Portal for creating and managing Guest User accounts. Guest Service also supports default and customizable Guest Login Portals to handle Guest User login. Guest service provisions a guest account for the amount of time specified when the account is created.