Cisco ISE offers a comprehensive set of pre-defined conditions, allowing you to utilize any of them. You can use these conditions either to apply the endpoint operating system condition directly or to establish an endpoint group tailored for specific OS types, which you can subsequently prevent from connecting.
Senior Technical Consultant at International Turnkey Systems - ITS
Real User
Top 10
Aug 25, 2023
Yes, you can do it by creating a profiling condition on the OS you want to disallow and setting a policy in the authentication to reject this exact OS.
Learn what your peers think about Cisco Identity Services Engine (ISE). Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
Cisco Identity Services Engine offers robust authentication, posture profiling, guest and secure access, and dynamic policy management. Known for its seamless integration with Cisco tools and network access control features, it ensures secure device and user authentication across networks. Cisco Identity Services Engine is renowned for its capabilities in managing authentication, guest access, and policy management through segmentation. Its TrustSec functionality, alongside RADIUS and...
Cisco ISE offers a comprehensive set of pre-defined conditions, allowing you to utilize any of them. You can use these conditions either to apply the endpoint operating system condition directly or to establish an endpoint group tailored for specific OS types, which you can subsequently prevent from connecting.
The VLAN on n any device including Cisco switches can be managed by Cisco ISE as long as SNMP is supported by the device.
In nut shell VLAN on a managed switch can be managed by Cisco ISE irrespective of that being Cisco or any other product.
Yes, you can do it by creating a profiling condition on the OS you want to disallow and setting a policy in the authentication to reject this exact OS.