{"id":936,"date":"2025-08-06T11:31:04","date_gmt":"2025-08-06T11:31:04","guid":{"rendered":"https:\/\/www.testkings.com\/blog\/?p=936"},"modified":"2025-08-06T11:31:04","modified_gmt":"2025-08-06T11:31:04","slug":"cisco-ise-and-the-five-ws-a-comprehensive-guide-to-network-access-control","status":"publish","type":"post","link":"https:\/\/www.testkings.com\/blog\/cisco-ise-and-the-five-ws-a-comprehensive-guide-to-network-access-control\/","title":{"rendered":"Cisco ISE and the Five Ws: A Comprehensive Guide to Network Access Control"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">In the evolving landscape of cybersecurity, protecting an organization&#8217;s network from unauthorized access and potential threats is more important than ever. Traditionally, securing a network focused largely on perimeter defenses\u2014firewalls, intrusion detection systems, and secure network gateways. However, as technology has evolved, so too have the methods by which unauthorized users attempt to gain access to sensitive data. The rise of remote work, the explosion of Internet of Things (IoT) devices, and the growing reliance on cloud computing have created new vulnerabilities that traditional network security methods alone cannot address.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This is where Network Access Control (NAC) comes in as a vital layer of defense in modern network security architecture. NAC solutions provide organizations with the ability to enforce policies that control which devices and users are allowed to access the network, based on the user\u2019s identity and the security posture of the device attempting to gain access. NAC helps ensure that only authorized users and compliant devices can connect to the network and access sensitive data, providing an essential safeguard against breaches and unauthorized access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The fundamental question addressed by NAC is no longer \u201cCan someone access the network?\u201d but rather \u201cShould this user or device be allowed to access the network, given the security context and access requirements?\u201d As companies continue to deploy increasingly sophisticated IT environments, the need for robust NAC solutions to enforce the &#8220;who, what, where, when, and why&#8221; of network access has never been more critical.<\/span><\/p>\n<h3><b>The Changing Network Landscape and the Need for NAC<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">In the past, managing access to a corporate network was a simpler task. Employees typically worked from a fixed office location and accessed the network from desktop computers. The physical perimeter of the network was clearly defined\u2014users could only access the network from within the organization\u2019s walls. However, in today\u2019s modern business environment, this traditional approach is no longer sufficient. Employees may now work remotely, access the network from a variety of devices, or connect via a range of third-party services and cloud applications. This significantly expands the attack surface and introduces new security risks.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Remote Work: The rise of remote workforces means that users no longer access the network from a fixed location within the company. With access from home offices, cafes, or traveling, the physical boundaries that previously defined a &#8220;trusted&#8221; network are blurred.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">BYOD (Bring Your Own Device): Many organizations have adopted BYOD policies, where employees can use their personal devices\u2014smartphones, laptops, tablets\u2014to access corporate resources. This introduces further complexity, as personal devices may not adhere to the company\u2019s security standards.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Cloud Services and IoT: The migration to cloud-based applications and the explosion of IoT devices connecting to networks further complicates access control. IoT devices often have minimal security measures, making them easy targets for attackers looking to gain entry to a network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The traditional security perimeter that once protected networks from external threats is no longer as effective, and organizations must now account for a more dynamic and dispersed network environment. This is where Network Access Control (NAC) solutions, like Cisco\u2019s Identity Services Engine (ISE), come into play.<\/span><\/p>\n<h3><b>The Role of NAC in Modern Security Architecture<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">NAC solutions are designed to control who or what can connect to a network and what they can do once they have access. This is achieved through a combination of identity authentication, device posture assessments, and dynamic policy enforcement. The key role of NAC is to ensure that access to network resources is granted only to users and devices that meet specific security criteria. This involves several core functions:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Authentication: NAC systems authenticate users and devices before granting access. Authentication can be based on user credentials, device information, or both. This ensures that only legitimate users and authorized devices can access the network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Device Posture Assessment: Before allowing a device to access the network, NAC systems check the device&#8217;s security posture. This involves assessing whether the device meets predefined security policies, such as whether it has the latest patches installed, if antivirus software is up to date, and whether it is running secure software versions.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Policy Enforcement: NAC solutions enforce policies that control access based on user identity, device health, location, and other contextual factors. For example, an employee might be granted full access to the network from a corporate-issued laptop but only limited access when using a personal mobile device.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Granular Access Control: NAC solutions can provide granular access control based on different variables, such as the user\u2019s role, location, device type, and time of access. For example, a sales employee may be able to access customer data from the office but be restricted from doing so when working remotely.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Real-time Monitoring and Enforcement: Many NAC solutions, including Cisco ISE, offer real-time monitoring of devices that are connected to the network. This continuous assessment allows network administrators to quickly detect unusual behavior, such as unauthorized access attempts or devices that have become non-compliant with security policies, and take appropriate action immediately.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Integration with Other Security Systems: NAC solutions integrate with other security tools, such as firewalls, intrusion detection systems (IDS), and endpoint security platforms. This creates a more robust, layered security architecture where different systems collaborate to protect the network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">By providing these functions, NAC solutions help mitigate many of the risks associated with modern network environments. They ensure that access to sensitive data and network resources is strictly controlled and that only devices and users who comply with organizational security standards are allowed to interact with the network. This contributes significantly to the overall security of the organization, reducing the risk of breaches and unauthorized access to critical information.<\/span><\/p>\n<h3><b>Benefits of Implementing NAC<\/b><\/h3>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enhanced Security: NAC strengthens the security posture of an organization by ensuring that only compliant and authorized devices can access the network. This reduces the chances of unauthorized access, which could lead to data breaches or system compromise.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Reduced Attack Surface: By limiting access to devices and users based on predefined policies, NAC helps to reduce the attack surface. This means that potential entry points for malicious actors are minimized, making it harder for them to gain unauthorized access to the network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Visibility and Control: NAC provides administrators with detailed visibility into what devices are accessing the network, when they are doing so, and from which devices. This allows for better control over network access and enables administrators to quickly identify suspicious behavior or non-compliant devices.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Compliance: Many industries have stringent regulatory requirements for data protection, such as GDPR, HIPAA, and PCI DSS. NAC helps organizations comply with these regulations by ensuring that only authorized devices and users have access to sensitive data, and by maintaining detailed logs for auditing purposes.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Improved Productivity: NAC solutions can streamline the process of managing network access. By automating the authentication, device profiling, and policy enforcement, NAC reduces the administrative burden on IT staff and allows for more efficient management of network resources.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Scalability: As organizations grow and the number of devices and users increases, NAC provides the scalability necessary to manage access across a larger and more complex network. It ensures that policies can be consistently applied to new devices and users as the network expands.<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">The need for comprehensive security solutions is more critical than ever, and Network Access Control (NAC) has become a foundational element of modern network security. By ensuring that only authorized devices and users can access network resources, NAC reduces the risk of data breaches, improves visibility and control, and helps organizations comply with regulatory standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco\u2019s Identity Services Engine (ISE) stands out as a robust NAC solution, offering advanced profiling, policy enforcement, and device health checks that enable organizations to secure their networks effectively. As networks continue to grow and evolve, implementing a strong NAC strategy will remain essential for maintaining the integrity of an organization&#8217;s security infrastructure.<\/span><\/p>\n<h2><b>The Five Ws of Network Access Control<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The concept of Network Access Control (NAC) revolves around ensuring that only authorized users and devices can access a network, and that their access is granted based on clear, defined policies. To implement an effective NAC solution, it is essential to answer key questions that provide a complete view of network access. The Five Ws\u2014Who, What, Where, When, and Why\u2014serve as a framework to gain an in-depth understanding of network access, helping network administrators create and enforce robust security measures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">NAC systems, such as Cisco Identity Services Engine (ISE), provide valuable answers to these questions. By addressing each of the Five Ws, organizations can enhance their security posture, maintain a strict control over network access, and proactively mitigate potential risks. In this part, we will explore how these Five Ws apply to NAC, starting with the basic foundational question: Who is accessing my network?<\/span><\/p>\n<h3><b>Who is Accessing My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The first fundamental question in NAC is identifying who is attempting to access the network. Authentication plays a key role in determining the identity of users and devices seeking to connect to the network. Without a clear understanding of who is accessing the network, it is impossible to enforce any meaningful access control policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In today\u2019s enterprise networks, it is crucial to authenticate and track users and devices not only at the point of entry but also throughout their time on the network. Network Access Control systems like Cisco ISE are designed to address this question through robust identity management tools. By integrating with identity management systems like Active Directory (AD), Cisco ISE can authenticate users and devices before they are granted network access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE offers several authentication methods, including 802.1X (a widely used standard for port-based network access control), MAC Authentication Bypass (MAB), and Web Authentication. These methods allow ISE to identify users through usernames, passwords, certificates, or other authentication mechanisms. Once authenticated, users are assigned to specific security groups based on their identity, such as their department or role within the company. This ensures that only authorized individuals are allowed access to critical network resources, minimizing the risk of unauthorized users gaining entry.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Identity-based network access is a cornerstone of a modern NAC strategy. With Cisco ISE, organizations can ensure that access is granted based on the user\u2019s identity and assigned security policies. For example, an employee from the HR department may be granted full access to sensitive payroll data, while someone from the marketing team might be restricted to marketing-related resources only.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Through identity-based authentication, Cisco ISE answers the question of \u201cWho is accessing my network?\u201d and establishes a foundation for implementing the other layers of NAC, such as device profiling and contextual access control.<\/span><\/p>\n<h3><b>What Devices Are Being Used on My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Once the identity of the user has been confirmed, the next step is to assess what devices are accessing the network. This is an especially important consideration in the modern workplace, where employees and visitors may connect to the network using a wide variety of devices, including laptops, smartphones, tablets, and even Internet of Things (IoT) devices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE provides comprehensive device profiling capabilities, allowing administrators to gather detailed information about the devices attempting to access the network. By using various probes and technologies, Cisco ISE can identify the type of device, its operating system, software versions, and even its compliance with security standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Some of the probes used by Cisco ISE for device profiling include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>NetFlow Probe<\/b><span style=\"font-weight: 400;\">: Gathers data about network traffic and helps identify the source and destination of traffic within the network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>DHCP Probe<\/b><span style=\"font-weight: 400;\">: Tracks devices requesting IP addresses from the DHCP server, allowing Cisco ISE to classify devices based on their network behavior.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>HTTP Probe<\/b><span style=\"font-weight: 400;\">: Helps identify devices by examining HTTP headers and attributes sent during communication.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>RADIUS Probe<\/b><span style=\"font-weight: 400;\">: Provides additional information from devices attempting to connect through RADIUS authentication.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By profiling devices, Cisco ISE allows organizations to go beyond simply identifying a device type (such as a \u201claptop\u201d) and gain a deeper understanding of the device\u2019s configuration and security posture. For example, Cisco ISE can determine whether a device is running an outdated operating system or missing critical security patches. This kind of information allows network administrators to set policies that ensure only secure, compliant devices are granted access to the network.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Device profiling also helps ensure that non-compliant devices are either quarantined or provided limited access to network resources until they meet security standards. For instance, a laptop running an outdated version of Windows might be denied access to sensitive corporate data but could still be allowed to access less critical resources until its software is updated.<\/span><\/p>\n<h3><b>Where Are These Devices and Users Logging In?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Understanding where users and devices are accessing the network is a critical component of any effective NAC strategy. With users and devices now connecting from various locations\u2014offices, remote locations, home networks, and public Wi-Fi\u2014determining the physical or logical location of the device is essential for assessing the context of access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE allows administrators to track the location of devices based on several factors, including the specific network access device (NAD) to which they are connecting. The NAD could be a switch, router, wireless access point, or VPN gateway. Each network device in the infrastructure can be tagged with its physical or logical location, which Cisco ISE can then use as part of its policy enforcement process.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Location-based access control is an essential feature for organizations with distributed networks or those supporting remote workers. For example, if an HVAC sensor is attempting to authenticate on a network port that services an HVAC system in the attic area, that would be entirely normal. However, if the same sensor is trying to authenticate on a network port in the company\u2019s public reception area, it would raise a red flag.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE can apply policies based on where the device is trying to authenticate. For example, a policy could be enforced that allows employees to connect only to certain access points in secure areas of the office, or restricts sensitive data access to specific office locations. This type of location-based policy enforcement is a powerful tool for preventing unauthorized access and ensuring that devices are connecting to appropriate segments of the network.<\/span><\/p>\n<h3><b>When Are These Devices or Users Accessing My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Knowing when a device or user is accessing the network is just as important as understanding who is accessing it. Time-based access control can provide a useful layer of security. For example, a user might be expected to access the network only during regular working hours, and attempts to log in at unusual times\u2014such as late at night or during weekends\u2014could indicate suspicious activity.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE allows administrators to monitor access times and create policies based on time-of-day or specific days of the week. If a user or device attempts to connect to the network outside of normal working hours, Cisco ISE can trigger alerts or apply additional authentication checks. This type of time-based access control is particularly useful for detecting anomalous behavior or potential security threats.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, if a user who typically works during business hours is suddenly attempting to log in at 2 AM, this could signal an issue. While there may be legitimate reasons for after-hours access, it\u2019s important for administrators to be alerted to such events so that further investigation can be carried out.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE provides both real-time monitoring of login attempts and historical reports, allowing administrators to evaluate patterns of access and identify deviations from normal behavior. This time-based approach to NAC enhances security by providing an additional layer of control over when devices and users are granted access.<\/span><\/p>\n<h3><b>Why Was This Device\/User Allowed to Access the Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Ultimately, the question of why a particular user or device was allowed to access the network is the most important of all. It goes to the heart of the NAC process\u2014understanding the rationale behind each access decision. The \u201cwhy\u201d is typically determined by the policies set by the network administrator, which are enforced by the NAC system.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The ability to answer the question \u201cwhy\u201d involves analyzing all the factors that led to a user or device being granted access. For example, a user might be allowed to access the network because they have valid credentials, their device is compliant with security standards, they are located in an authorized area, and they are accessing the network during normal working hours.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In a well-configured NAC solution like Cisco ISE, every access request is logged and tagged with detailed information about the authentication method used, the security posture of the device, the location of access, and the time of access. This data provides administrators with a complete picture of the access event, helping them understand why a user or device was allowed to connect.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The \u201cwhy\u201d also plays a critical role in enforcing security policies and ensuring that unauthorized or non-compliant users or devices are denied access or placed in a quarantine state. For example, if a device is found to be running outdated software or missing security patches, it could be denied access until it meets the organization\u2019s security standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Five Ws\u2014Who, What, Where, When, and Why\u2014are fundamental questions that provide a comprehensive framework for understanding and managing network access. Cisco ISE answers these critical questions by providing deep insights into the identity of users, the devices they are using, the location and time of access, and the reasons why access is granted. By answering these questions, ISE helps organizations enforce strict access control policies, prevent unauthorized access, and ensure that sensitive data remains secure.<\/span><\/p>\n<h2><b>How Cisco ISE Addresses the Five Ws of Network Access Control<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Network Access Control (NAC) is a critical component of network security, ensuring that only authorized devices and users can access sensitive network resources. As networks become more complex and the variety of devices connecting to these networks grows, the ability to answer the Five Ws\u2014Who, What, Where, When, and Why\u2014becomes crucial for an organization to effectively manage and secure its network. Cisco Identity Services Engine (ISE) is a robust solution that can address these key questions and provide valuable insights into the dynamics of network access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this section, we will explore how Cisco ISE answers each of the Five Ws and provides comprehensive visibility, control, and security for an organization\u2019s network.<\/span><\/p>\n<h3><b>Who is Accessing My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The question of \u201cWho is accessing my network?\u201d is the most fundamental question that any NAC solution must answer. Knowing who is attempting to access the network is critical to ensuring that only authorized users and devices are allowed entry. Cisco ISE provides robust user authentication capabilities that integrate with identity management systems, such as Active Directory (AD), to authenticate users and devices before granting network access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE supports a variety of authentication methods, such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>802.1X Authentication<\/b><span style=\"font-weight: 400;\">: This is the industry-standard method for authenticating users and devices on wired and wireless networks. 802.1X uses certificates, usernames, and passwords to verify identity. Cisco ISE can enforce 802.1X authentication for devices attempting to connect to the network, ensuring that only authorized users are allowed to authenticate.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>MAC Authentication Bypass (MAB)<\/b><span style=\"font-weight: 400;\">: MAB is typically used for devices that cannot support 802.1X authentication, such as legacy devices or IoT devices. ISE can authenticate these devices based on their MAC address, ensuring that only authorized devices are allowed access.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Web Authentication<\/b><span style=\"font-weight: 400;\">: For guests or users without enterprise credentials, Cisco ISE can provide web-based authentication. Users are redirected to a captive portal where they authenticate using either temporary credentials or social login methods.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Cisco ISE also integrates with identity management systems, such as Active Directory, to map network access to a user\u2019s specific role within the organization. Once authenticated, users can be assigned to predefined policy groups that determine the level of access granted to the network. For example, an employee in the IT department might be granted full access to all network resources, while an employee in the marketing department may only have access to specific marketing-related systems.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This identity-based authentication ensures that only authorized individuals are granted access to the network, addressing the &#8220;Who&#8221; question with precision and control.<\/span><\/p>\n<h3><b>What Devices Are Being Used on My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The question of \u201cWhat devices are being used on my network?\u201d is becoming more complex as the variety of devices connecting to the network continues to expand. Gone are the days when only desktop computers and laptops accessed the network. Today, employees and guests can connect to the network using a wide range of devices, including smartphones, tablets, printers, and IoT devices. This diversity in device types creates new security challenges, as many devices may not meet the organization\u2019s security standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE excels in device profiling, which allows administrators to gain deep visibility into what devices are connecting to the network. Cisco ISE can identify the type of device based on several factors, including the device\u2019s MAC address, operating system, installed software, and even its physical location on the network.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To gather this information, Cisco ISE uses a variety of profiling methods and probes, such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>NetFlow Probe<\/b><span style=\"font-weight: 400;\">: This probe gathers data about network traffic and can identify the devices generating that traffic.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>DHCP Probe<\/b><span style=\"font-weight: 400;\">: The DHCP probe tracks devices requesting IP addresses from the DHCP server, allowing ISE to identify devices based on their network behavior.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>RADIUS Probe<\/b><span style=\"font-weight: 400;\">: This probe provides data on devices attempting to authenticate using the RADIUS protocol, helping to identify devices trying to connect to the network.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>NMAP Probe<\/b><span style=\"font-weight: 400;\">: The NMAP probe scans devices on the network to identify open ports and services, providing detailed information about the devices.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By using these profiling techniques, Cisco ISE is able to gather extensive data about each device attempting to connect to the network. For example, ISE can determine whether a device is running Windows, macOS, or Linux, and it can also identify the specific version of the operating system. This allows network administrators to set policies that grant or deny access based on the device\u2019s security posture.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Moreover, Cisco ISE can detect when devices are running outdated software or have known security vulnerabilities. If a device is found to be non-compliant with the organization\u2019s security policies, it can either be quarantined, placed on a restricted network, or denied access entirely.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By answering the &#8220;What&#8221; question, Cisco ISE helps administrators ensure that only compliant devices are allowed access, mitigating the risks associated with unmanaged or insecure devices.<\/span><\/p>\n<h3><b>Where Are These Devices and Users Logging In?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The next question in NAC is &#8220;Where are these devices and users logging in?&#8221; In today\u2019s world, users and devices can access the network from virtually anywhere\u2014whether it&#8217;s from a corporate office, a remote location, or a public hotspot. Understanding the location of users and devices is critical for assessing the context of the access and ensuring that policies are enforced accordingly.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE tracks the location of devices based on several factors:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Network Access Devices (NADs)<\/b><span style=\"font-weight: 400;\">: Cisco ISE can identify the location of the device based on the NAD it is connected to, such as a switch, router, access point, or VPN gateway. Each NAD can be tagged with a specific location, and this information can be used in access policies.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Geographic Location<\/b><span style=\"font-weight: 400;\">: For remote users accessing the network via a VPN or wireless network, Cisco ISE can track the geographic location of the device using IP geolocation. This can help administrators identify whether a user is accessing the network from a location that makes sense based on their role or working hours.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Location-based policies can be implemented to further strengthen security. For example, an employee might be allowed to access certain network resources from the corporate office but not from a public Wi-Fi network. Or, a device connecting to the network from a different geographic location might trigger a multi-factor authentication (MFA) request to verify that the login attempt is legitimate.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By answering the &#8220;Where&#8221; question, Cisco ISE helps administrators implement policies that are location-aware, preventing unauthorized access from unusual or unexpected locations.<\/span><\/p>\n<h3><b>When Are These Devices or Users Accessing My Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Understanding when users and devices are accessing the network adds another layer of security insight. Network access patterns can provide valuable information about potential security risks. If a user or device is accessing the network outside of normal working hours, it might indicate suspicious behavior or a potential security breach.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE provides real-time monitoring and historical reporting, allowing administrators to track when users and devices are attempting to access the network. By analyzing access times, Cisco ISE can help detect anomalies. For example:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">An employee who typically works during business hours suddenly logging in at 2 AM could be flagged for further investigation.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">A device attempting to connect to the network at an unusual time could trigger additional authentication checks or access restrictions.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Cisco ISE allows administrators to create policies that grant or deny access based on time-of-day, ensuring that access is only granted during acceptable hours. For example, an employee might be granted access to the network during normal business hours but restricted or placed in a guest VLAN after hours.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By answering the &#8220;When&#8221; question, Cisco ISE provides valuable context to network access, helping to identify suspicious behavior and strengthen security.<\/span><\/p>\n<h3><b>Why Was This Device\/User Allowed to Access the Network?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Finally, the question of &#8220;Why was this device\/user allowed to access the network?&#8221; is essential for understanding the rationale behind network access decisions. It\u2019s important to know why a user or device was granted access and whether this access aligns with security policies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE\u2019s role in answering this question is twofold:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Policy Enforcement<\/b><span style=\"font-weight: 400;\">: Cisco ISE evaluates access requests based on predefined policies and makes decisions about granting or denying access. These policies take into account a variety of factors, such as the user\u2019s identity, device security posture, location, time of access, and the authentication method used.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Audit and Logging<\/b><span style=\"font-weight: 400;\">: Cisco ISE maintains an audit trail of all authentication requests, including detailed logs of who attempted to access the network, from where, when, and using what method. This audit trail is invaluable for troubleshooting and for understanding why certain access decisions were made.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By providing detailed context and rationale for each access decision, Cisco ISE enables administrators to understand and verify why access was granted, and ensures that the network is protected from unauthorized users or devices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE is a comprehensive solution that addresses the Five Ws of network access control\u2014Who, What, Where, When, and Why. By answering these questions, Cisco ISE helps organizations gain deeper insights into who is accessing their network, what devices they are using, where they are accessing the network from, when they are doing so, and why they were allowed access in the first place. This level of visibility and control is crucial for maintaining a secure and compliant network environment in today\u2019s increasingly complex and dynamic network landscape.<\/span><\/p>\n<h2><b>Dynamic Policy Enforcement and Best Practices with Cisco ISE<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">With network environments becoming increasingly complex, the ability to dynamically enforce access policies based on the insights gained from the Five Ws\u2014Who, What, Where, When, and Why\u2014is crucial for modern network security. Cisco Identity Services Engine (ISE) not only answers these questions but also allows organizations to take action based on the gathered data. By enforcing dynamic policies that adapt to the context of each access attempt, Cisco ISE ensures that only authorized and compliant users and devices can access network resources.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this section, we will explore how Cisco ISE dynamically enforces policies based on the Five Ws, how organizations can leverage this capability to improve security, and best practices for implementing effective NAC policies.<\/span><\/p>\n<h3><b>Dynamic Policy Enforcement Based on the Five Ws<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Cisco ISE&#8217;s ability to answer the Five Ws allows administrators to create and enforce network access policies that are context-aware. By combining multiple attributes\u2014such as user identity, device security posture, geographic location, and time of access\u2014Cisco ISE can dynamically adjust network access permissions in real time. Let\u2019s look at how this dynamic enforcement works with each of the Five Ws.<\/span><\/p>\n<h4><b>Who is Accessing the Network?<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">The &#8220;Who&#8221; question is fundamental to dynamic policy enforcement. By identifying the user or device requesting network access, Cisco ISE can apply policies that match the user\u2019s role, department, or group. This is typically achieved through <\/span><b>identity-based policies<\/b><span style=\"font-weight: 400;\">, which ensure that users are assigned appropriate access levels based on their authentication credentials.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, in an enterprise network, employees from different departments (e.g., IT, HR, and Marketing) might need different levels of access to network resources. With Cisco ISE, you can define role-based access control (RBAC) policies. When a user logs in, Cisco ISE authenticates their identity through methods like 802.1X, and based on their role, it assigns access to specific network resources.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The policies could work like this:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>IT personnel<\/b><span style=\"font-weight: 400;\">: Full access to network management tools and systems.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>HR employees<\/b><span style=\"font-weight: 400;\">: Limited access to employee records and sensitive data.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Marketing team members<\/b><span style=\"font-weight: 400;\">: Access to public-facing marketing resources but restricted access to financial or HR systems.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This dynamic assignment of policies ensures that users are only granted access to the resources they need, based on their role and responsibilities.<\/span><\/p>\n<h4><b>What Devices Are Accessing the Network?<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">The &#8220;What&#8221; question\u2014\u201cWhat devices are accessing my network?\u201d\u2014is central to network security. Devices that are non-compliant or potentially insecure pose a serious risk to the network. Cisco ISE uses device profiling to determine the type and health of the device attempting to connect, assessing whether it meets organizational security requirements.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Once a device is profiled, Cisco ISE can enforce different policies depending on its security posture. For instance:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Compliant devices<\/b><span style=\"font-weight: 400;\">: Devices that meet organizational security standards (e.g., up-to-date antivirus software, the latest patches installed) can be granted full network access.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Non-compliant devices<\/b><span style=\"font-weight: 400;\">: Devices that fail to meet the security standards can either be denied access or placed on a restricted network segment, such as a guest network, until they become compliant.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Moreover, with the increasing use of IoT devices in the workplace, Cisco ISE can ensure that even these devices are profiled and access is granted only if they meet predefined security policies.<\/span><\/p>\n<h4><b>Where Are These Devices and Users Logging In?<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">The &#8220;Where&#8221; question\u2014\u201cWhere are these devices and users logging in?\u201d\u2014answers the need for location-based access control. Cisco ISE can enforce location-based policies that restrict access depending on where the user or device is located. This could mean limiting access based on:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The specific network access device (NAD) a user is connecting through, such as a specific switch, router, or wireless access point.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Geographic location: For remote users accessing the network via VPN, Cisco ISE can track the geographical location and ensure that users are logging in from trusted locations. Access from unusual locations or geographies could trigger additional security checks or deny access entirely.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">For example, an employee might be granted full access when connecting from the office or a known VPN gateway, but restricted access or additional authentication (e.g., multi-factor authentication) might be required if they attempt to log in from an unrecognized location or public Wi-Fi.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This location-based enforcement of policies provides another layer of security and helps prevent unauthorized access by suspicious or untrusted locations.<\/span><\/p>\n<h4><b>When Are These Devices or Users Accessing the Network?<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">The &#8220;When&#8221; question is particularly useful for detecting unusual behavior or identifying potential security incidents. By monitoring the time of day or day of the week that users or devices are accessing the network, Cisco ISE can apply time-based policies that grant or restrict access depending on the time of access.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For instance:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Normal working hours<\/b><span style=\"font-weight: 400;\">: Employees can be granted full access to the network and its resources during regular business hours.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>After hours or weekends<\/b><span style=\"font-weight: 400;\">: Access might be restricted, or more stringent authentication methods (such as MFA) might be enforced if users are trying to connect during non-business hours. For example, an employee in the accounting department attempting to log in at 2 AM may trigger an alert or require additional authentication.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Using time-based policies, Cisco ISE helps organizations mitigate the risks of unauthorized access attempts made outside of normal business hours, which is often a sign of suspicious activity.<\/span><\/p>\n<h4><b>Why Was This Device\/User Allowed to Access the Network?<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Finally, the &#8220;Why&#8221; question is perhaps the most important for understanding why a device or user was granted access to the network. Cisco ISE provides full transparency into access control decisions, logging detailed information about why access was granted or denied. The decision-making process is based on policies defined by the organization, such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Device compliance checks (whether the device meets security posture requirements).<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">User identity and role-based policies.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Location-based or time-based restrictions.<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">In the event of a security incident or audit, this information is invaluable. Administrators can easily review the policies in place at the time of the access request and determine whether the decision to grant access was appropriate or if it violated security protocols.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By answering the &#8220;Why&#8221; question, Cisco ISE helps organizations maintain control and accountability over their access control decisions, providing a complete audit trail that can be referenced during troubleshooting or investigations.<\/span><\/p>\n<h3><b>Best Practices for Implementing Dynamic Policy Enforcement with Cisco ISE<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">To make the most of Cisco ISE&#8217;s dynamic policy enforcement capabilities, organizations should follow these best practices:<\/span><\/p>\n<h4><b>1. Implement Role-Based Access Control (RBAC)<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Role-based access control ensures that users are only granted access to the network resources they need based on their role. Define roles clearly within your organization (e.g., IT, HR, Sales) and implement policies in Cisco ISE that reflect these roles. This principle of least privilege minimizes the risk of unauthorized access to sensitive data.<\/span><\/p>\n<h4><b>2. Profile Devices Accurately<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Take advantage of Cisco ISE\u2019s device profiling capabilities to ensure that only authorized devices can connect to the network. Regularly update the list of profiled devices and ensure that non-compliant or insecure devices are either denied access or placed in a restricted access zone. Use multiple profiling probes to gather as much data as possible about devices.<\/span><\/p>\n<h4><b>3. Use Location-Based Policies<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Leverage Cisco ISE\u2019s location-based capabilities to enforce access control policies based on where users or devices are connecting. This is especially useful for organizations with remote workers or locations that require varying levels of security. Configure your NAC system to restrict access from untrusted networks or regions that are not recognized as safe.<\/span><\/p>\n<h4><b>4. Establish Time-Based Access Controls<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Implement time-based policies to ensure that network access is only granted during appropriate hours. This will help prevent unauthorized access attempts during off-hours or weekends, which can often indicate suspicious activity. Make use of Cisco ISE\u2019s time-based policy enforcement for more granular access control.<\/span><\/p>\n<h4><b>5. Regularly Audit and Review Policies<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Conduct regular audits of your access control policies to ensure they are still relevant and reflect the organization\u2019s security posture. Review access logs to identify any potential policy violations or unauthorized access attempts, and update policies accordingly.<\/span><\/p>\n<h4><b>6. Integrate with Other Security Systems<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Cisco ISE integrates well with other security systems such as firewalls, intrusion detection\/prevention systems (IDS\/IPS), and endpoint protection platforms. Use this integration to enhance the security of your network and ensure that NAC works in conjunction with other security measures for a more holistic approach.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cisco ISE enables organizations to dynamically enforce network access policies based on real-time insights into user identities, device security posture, geographic location, access times, and policy decisions. By answering the Five Ws\u2014Who, What, Where, When, and Why\u2014Cisco ISE allows administrators to make informed decisions about granting or denying access to the network, creating a robust and adaptive security environment.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Through dynamic policy enforcement, Cisco ISE helps organizations prevent unauthorized access, minimize security risks, and ensure compliance with internal security policies and external regulations. By implementing best practices for dynamic policy enforcement, organizations can maintain a secure and compliant network infrastructure while allowing flexibility for users and devices to access the resources they need.<\/span><\/p>\n<h2><b>Final Thoughts<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">As networks continue to grow in complexity and become more distributed, ensuring secure, authorized access is paramount for protecting sensitive data and maintaining organizational integrity. Network Access Control (NAC) has evolved from a peripheral security measure to a central component of modern IT security frameworks. Solutions like Cisco Identity Services Engine (ISE) provide organizations with the ability to enforce granular policies based on real-time context, ensuring that only authorized and compliant users and devices can access network resources.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By addressing the Five Ws\u2014Who, What, Where, When, and Why\u2014Cisco ISE enables organizations to gain deep visibility into who is accessing their network, from what devices, where they are located, when they are accessing, and most importantly, why they were granted access. This comprehensive approach allows network administrators to tailor access policies to the specific needs of the organization, ensuring the security of both corporate data and user interactions.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The dynamic enforcement of these policies, using real-time data such as device health, location, time of access, and user identity, creates a much more adaptable security posture that can react quickly to changes in the network. Whether it\u2019s limiting access for non-compliant devices, enforcing time-based restrictions, or monitoring anomalous activity, Cisco ISE helps ensure that security is not just reactive but proactive.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For organizations looking to implement or optimize their NAC strategy, Cisco ISE offers a flexible, powerful solution that can scale with the business and integrate seamlessly with other security tools in the organization\u2019s infrastructure. However, as with any security solution, it is critical to regularly review and update access control policies to ensure they remain aligned with both evolving business needs and emerging security threats.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By following best practices\u2014such as implementing role-based access control (RBAC), device profiling, location-based policies, time-based controls, and integrating with other security systems\u2014organizations can ensure that their network remains secure, while still providing employees and authorized users with the access they need to perform their jobs efficiently.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Ultimately, the implementation of Cisco ISE for NAC provides organizations with the tools to manage network access in a secure, flexible, and scalable way. In a world where network environments are growing more dynamic and complex, the ability to answer the Five Ws and dynamically enforce policies based on real-time data is essential for reducing security risks and protecting valuable organizational assets. By leveraging Cisco ISE and adopting a holistic approach to NAC, organizations can better safeguard their networks against unauthorized access, minimize the risk of data breaches, and ensure compliance with regulatory standards.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the evolving landscape of cybersecurity, protecting an organization&#8217;s network from unauthorized access and potential threats is more important than ever. Traditionally, securing a network [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-936","post","type-post","status-publish","format-standard","hentry","category-post"],"_links":{"self":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/936","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/comments?post=936"}],"version-history":[{"count":1,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/936\/revisions"}],"predecessor-version":[{"id":937,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/posts\/936\/revisions\/937"}],"wp:attachment":[{"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/media?parent=936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/categories?post=936"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testkings.com\/blog\/wp-json\/wp\/v2\/tags?post=936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}