Cisco ISE offers a comprehensive set of pre-defined conditions, allowing you to utilize any of them. You can use these conditions either to apply the endpoint operating system condition directly or to establish an endpoint group tailored for specific OS types, which you can subsequently prevent from connecting.
Senior Technical Consultant at International Turnkey Systems - ITS
Real User
Top 10
Aug 25, 2023
Yes, you can do it by creating a profiling condition on the OS you want to disallow and setting a policy in the authentication to reject this exact OS.
Learn what your peers think about Cisco Identity Services Engine (ISE). Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication...
Cisco ISE offers a comprehensive set of pre-defined conditions, allowing you to utilize any of them. You can use these conditions either to apply the endpoint operating system condition directly or to establish an endpoint group tailored for specific OS types, which you can subsequently prevent from connecting.
The VLAN on n any device including Cisco switches can be managed by Cisco ISE as long as SNMP is supported by the device.
In nut shell VLAN on a managed switch can be managed by Cisco ISE irrespective of that being Cisco or any other product.
Yes, you can do it by creating a profiling condition on the OS you want to disallow and setting a policy in the authentication to reject this exact OS.