To integrate Duo with your Cisco ISE, you will need to install a local Duo proxy service on a machine within your network. This Duo proxy server will receive incoming RADIUS requests from your Cisco ISE, contact your existing local LDAP/AD or RADIUS server to perform primary authentication, and then contact Duo’s cloud service for secondary authentication.