Home > Networking Solutions > Enterprise/Data Center Networking Solutions > Enterprise SONiC Networking Solutions > Guides > Dell Technologies Enterprise SONiC Edge with Cisco ISE > Policy Sets
Policy sets in Cisco ISE can be configured with conditions and results to choose the network access services on the policy set level, the identity sources on the authentication policy level, and network permissions on the authorization policy levels. Users can define one or more conditions using any of the attributes from the Cisco ISE-supported dictionaries for a variety of different vendors. Cisco ISE allows users create conditions as individual policy elements that can be reused. The network access service can be used per policy set to communicate with the network devices that are defined at the top level of that policy set. Network access services include Allowed Protocols and Server Sequences.
Policy sets are configured hierarchically, where the rule on the top level of the policy set, which can be viewed from the Policy Set table, applies to the entire set and is matched before the rules for the rest of the policies and exceptions. The rules in this set are applied in the following order:
The main policy UI in Cisco ISE is the place where the list of all the Policy Sets is displayed.
Figure 75. List of Policy Sets in the main policy sets UI panel
ISE applies these policies one by one in the top-down order(policy 1 first, policy 3 last) when a RADIUS access request is received. If the access request matches one of them, it will then get into that policy set for authentication/authorization. If none of them match, it will go to the last one in the bottom, the default policy set which has no rules/conditions defined.
Note: The default policy set listed in the bottom cannot be removed. It is created by Cisco ISE software. If the incoming access request cannot match any of the policy sets listed above the default policy, it will be processed by the Default policy set.
Figure 76. Create a new Policy Set
Figure 77. Add or delete a policy condition
Figure 78. Policy Set Name and description text field
Figure 79. Add a new Condition for a Policy Set
Figure 80. Condition Studio
Figure 81. List of Policy Sets
Figure 82. Policy Condition Studio and Editor
On the right side, it lists all four components used in this Dell-SONiC-Edge-Switch-MAB policy and these are,
Note:
Figure 83. Edit button for a Library Condition
Figure 84. Detail of a Library Condition
Figure 85. Save button for an attribute panel
Figure 86. Attribute Dictionary List
Figure 87. Auto hint for dictionary attribute categories
Figure 88. Select an attribute and close the list
Figure 89. Drop down list for attribute values
Figure 90. Fill out attribute value from the list
Figure 91. Library Condition Save Panel
Figure 92. Use a library condition from a Policy Set
Figure 93. Other buttons in Policy Studio
Figure 94. Drag and drop function in Policy Studio
Figure 95. Drag and drop function in Policy Studio (2)