ISE/ISE-PIC configurations for user control

An ISE/ISE-PIC configuration uses realms, identity policies, and access control policies to control user access to network resources.

Configuration options

You can use ISE/ISE-PIC in any of these configurations:

With a realm, identity policy, and associated access control policy: Use a realm to control user access to network resources in policy. You can still use ISE/ISE-PIC Security Group Tags (SGT) metadata in your policies.
With an access control policy only. No realm or identity policy are necessary: Use this method to control network access using SGT metadata alone.