Cisco Cisco Identity Services Engine 1.2 Prospecto
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 3 of 4
Figure 1. Map of Network Access Policy Based on Building Location
Note: Good system design of the wireless systems and the building infrastructure is required. It should be
evaluated when you integrate policies involved with granting access to critical systems and to roaming users
evaluated when you integrate policies involved with granting access to critical systems and to roaming users
between areas of a given environment. Location accuracy depends on the number of access points and the density
and type of
If the location accuracy is questionable for critical data, then we recommend that you do not permit access to such
data at all on the floor using the wireless system.
Use Cases
Healthcare
Use cases are plentiful. For example, allowing access to medical records only inside the treatment room and not
elsewhere can prevent data l
elsewhere can prevent data l
eakage and protect patients’ sensitive information from unauthorized parties. A healthcare
organization can also limit the medical devices themselves, disabling them when they’re taken outside a specific room,
floor, or building.
floor, or building.
Retail
Savvy retailers that offer customers in-store Wi-Fi connectivity gain an opportunity to enhance the shopping experience
and boost sales. But access needs to be controlled so that certain resources are available only in specific areas of the
store. As an example, a retailer may have a showroom where shoppers can stream demonstration videos to their mobile
devices.
and boost sales. But access needs to be controlled so that certain resources are available only in specific areas of the
store. As an example, a retailer may have a showroom where shoppers can stream demonstration videos to their mobile
devices.
Finance
Access to trading systems and other financial service systems is heavily regulated. With location-based network access,
financial institutions can allow traders access to trading systems only when the trader is on the trading floor and give
limited access (or no access at all) when the trader leaves the floor. Similarly, banks can give employees access to
banking systems only when they are in the bank and only from sanctioned devices.
financial institutions can allow traders access to trading systems only when the trader is on the trading floor and give
limited access (or no access at all) when the trader leaves the floor. Similarly, banks can give employees access to
banking systems only when they are in the bank and only from sanctioned devices.
Manufacturing
For manufacturing facilities, maintaining schedules, processes, and quality control requires that only authorized
personnel have access to machines. With location-based network access manufacturers can allow access to machinery
and changes to machines only when employees are on the production floor. This level of control mitigates the risk of
unauthorized parties hijacking mobile devices to disrupt operations.
personnel have access to machines. With location-based network access manufacturers can allow access to machinery
and changes to machines only when employees are on the production floor. This level of control mitigates the risk of
unauthorized parties hijacking mobile devices to disrupt operations.
Education
Academic institutions strive to maintain an unrestricted learning environment, providing students with access to content
relevant to their course of study. Increasingly that content is video based. Location-based network access allows schools
to incorporate video within the curriculum, so students can stream content only when physically inside the classroom as
part of a specific learning objective.
relevant to their course of study. Increasingly that content is video based. Location-based network access allows schools
to incorporate video within the curriculum, so students can stream content only when physically inside the classroom as
part of a specific learning objective.
Internet of Things
The Internet of Things is creating unprecedented opportunities for organizations as more devices come online. But it also
can create risks, depending on who, what, when, where, and what is connecting. The ability to limit device connectivity
can create risks, depending on who, what, when, where, and what is connecting. The ability to limit device connectivity