Aaron Woland

Want to Join?
Opinions expressed by ICN authors are their own.

Aaron Woland, CCIE No. 20113, is a Principal Engineer at Cisco Systems, Inc., and works with Cisco’s Largest Customers all over the world. His primary job responsibilities include Secure Access and Identity deployments with ISE, solution enhancements, standards development, and futures. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards, and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a Consultant and Technical Trainer. His areas of expertise include network and host security architecture and implementation, regulatory compliance, as well as route-switch and wireless. Aaron is the author of Cisco ISE for BYOD and Secure Unified Access book (Cisco Press), and many published white papers and design guides. Aaron is a member of the Hall of Fame for Distinguished Speakers at Cisco Live, and is a security columnist for Network World where he blogs on all things related to Identity. His other certifications include: GHIC, GSEC, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, CCDP and many other industry certifications.

The opinions expressed in this blog are those of Aaron Woland and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies, including Cisco Systems.


Cisco Rapid Threat Containment quickly detects, removes infected end points

Cisco Rapid Threat Containment quickly detects, removes infected end points

Set up and use Cisco's Rapid Threat Containment with Cisco Firepower Management Center and Identity Services Engine to detect, remove infected end points.

Troubleshooting Cisco's ISE without TAC

Troubleshooting Cisco's ISE without TAC

Aaron Woland examines the top troubleshooting and serviceability features in Cisco's Identity Services Engine (ISE).

Triggered NetFlow — A Trick of the Trade

Triggered NetFlow — A Trick of the Trade

A deployment methodology for profiling difficult endpoints designed to enable NetFlow when needed, and disable when not.

How to use Anycast to provide high availability to a RADIUS server

How to use Anycast to provide high availability to a RADIUS server

A brilliant solution for providing high availability in a small RADIUS server/ISE deployment

Device administration with Cisco WLC

Device administration with Cisco WLC

My experience with a deep dive into device administration AAA with Cisco Wireless LAN controllers and the SourceFire/Cisco FirePower Manager software.

10 cool things about ISE 2.0

Now that Cisco has Finally Released the Identity Service Engine 2.0 (ISE) it seems only appropriate to call out some of the BEST things about it.

AnyConnect Day 0 Support for Windows 10 and OSX El Capitan

AnyConnect Day 0 Support for Windows 10 and OSX El Capitan

A summary of what versions are needed. What needs to be uninstall and re-installed. Best practices to get AnyConnect support on Day-1 of Windows 10, and what to do BEFORE you upgrade.

Machine Authentication and User Authentication

Machine Authentication and User Authentication

I am often asked about Machine Authentications, how they differ from User Authentications, and how to authenticate both identities togethers.

Cisco ISE API for Certificate Provisioning

Cisco ISE API for Certificate Provisioning

Here is a walk-through to write a script that leverages the certificate authorities RESTful API to generate certificate pairs.

Give me my Attribute mapping back for Sponsor Groups

Give me my Attribute mapping back for Sponsor Groups

Cisco ISE 1.3 introduced a completely re-written Guest solution that greatly simplifies the deployment and allows for high-levels of customization. Things have been simplified GREATLY, but unfortunately some of the power got lost at...

RADIUS versus TACACS+

RADIUS versus TACACS+

An explanation and comparison of RADIUS and TACACS+ for Authentication, Authorization and Accounting (AAA).

Load More