https://community.cisco.com/t5/network-access-control/will-ise-support-vulnerability-info-coming-from-fmc-ftd-and/m-p/3450048#M529031 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>As today ISE use 3rd Party to populate vulnerability information in order to create access rules based on endpoint status.</P><P></P><P>Firepower Management Center and Firepower Threat Defense sensors also have a similar information collected thru Network Discovery process, so it is logical to think we can use this same info also for ISE to create this vulnerability context without relying on a 3rd-party when the customer already has FTD/FMC deployed.</P><P></P><P>Any comments on that?</P></BODY></HTML> Mon, 19 Jun 2017 16:03:42 GMT frbello 2017-06-19T16:03:42Z https://community.cisco.com/t5/network-access-control/will-ise-support-vulnerability-info-coming-from-fmc-ftd-and/m-p/3450048#M529031 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>As today ISE use 3rd Party to populate vulnerability information in order to create access rules based on endpoint status.</P><P></P><P>Firepower Management Center and Firepower Threat Defense sensors also have a similar information collected thru Network Discovery process, so it is logical to think we can use this same info also for ISE to create this vulnerability context without relying on a 3rd-party when the customer already has FTD/FMC deployed.</P><P></P><P>Any comments on that?</P></BODY></HTML> Mon, 19 Jun 2017 16:03:42 GMT https://community.cisco.com/t5/network-access-control/will-ise-support-vulnerability-info-coming-from-fmc-ftd-and/m-p/3450048#M529031 frbello 2017-06-19T16:03:42Z https://community.cisco.com/t5/network-access-control/will-ise-support-vulnerability-info-coming-from-fmc-ftd-and/m-p/3450049#M529034 <HTML><HEAD></HEAD><BODY><P>Freddy,</P><P></P><P>Unfortunately we can't discuss futures in this forum.&nbsp; Today, ISE supports AMP, CTA and Qualys for threat / vulnerability information.&nbsp; The integration between the two systems uses pxGrid for Rapid Threat Containment (RTC).&nbsp; This allows FMC to subscribe to identity information ISE knows about and can also quarantine an endpoint if policy is violated.&nbsp; Ultimately, it is a function of where you want the threat / vulnerability information displayed:&nbsp; ISE or FMC.</P><P></P><P>Regards,</P><P>-Tim</P></BODY></HTML> Mon, 19 Jun 2017 18:31:04 GMT https://community.cisco.com/t5/network-access-control/will-ise-support-vulnerability-info-coming-from-fmc-ftd-and/m-p/3450049#M529034 Timothy Abbott 2017-06-19T18:31:04Z