O'Reilly logo

CCNP Security SISAS 300-208 Official Cert Guide by Kevin Redmon, Aaron Woland

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Closed Mode

Closed Mode is similar to the default behavior of 802.1X. As shown in Figure 20-3, the port does not allow any traffic before the authentication (except for EAP, CDP, and LLDP), and then the port will be assigned to specific authorization results after the authentication.

Note

Closed Mode was once called High-Security Mode, but it was renamed due to the perception that it was more secure than Low-Impact Mode. In truth, both modes are equally secure. The security level of either end state is truly dependent on the configuration of the devices and the policies on ISE, not the mode of operation. In other words, an admin can make Closed Mode very insecure or very secure, depending on the implementation.

As shown previously in Figure ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required