https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059558#M200379 <HTML><HEAD></HEAD><BODY><P>Hey Tarik,</P><P>Thank you for the response; I have looked at the apple-device policy, I see that the “* Exception Action” field is = NONE. I only see that the Network Scan (NMAP) Action is set to OS-scan. In fact I have looked at all the generic policies and none have an “* Exception Action” field set.</P><P>I can see that under the Rules configuration you can set the rule to "Take Exception Action" but in the top part of the configuration the "* Exception Action” there is no selection option.</P><P>I am assuming if you wish to trigger and event you would identify the event in the “* Exception Action” field and under the rule you would select "Take Exception Action". How do you configure the “* Exception Action” to determine which Action to take?</P><P>Thanks,</P><P>Allen</P></BODY></HTML> Wed, 03 Oct 2012 01:40:59 GMT allen00874 2012-10-03T01:40:59Z https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059556#M200360 <P>Could someone please explain the following based on this scenario:</P><P></P><P>Say you create a Profiler Policy called “DeviceBrandX” and you set the Minimum Certainty Factor to 20 and you create a condition to profile based on a check for condition based on host-name in DHCP and you assign the condition a Certainty Factor Increases of 10. In additoin you define an Exception Action and a Network Scan (NMAP) Action in the policy.<BR />  <BR /> Here are the two questions:</P><P></P><P>If you create another condition that initiates a scan Network Scan (NMAP) Action to scan say for OS - how does the scan influence the Certainty Factor?</P><P></P><P>Also if you create a condition that initiates Exception Action - how does that influence the Certainty Factor?</P><P></P><P>Thanks,</P><P>Allen</P> Mon, 11 Mar 2019 02:37:07 GMT https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059556#M200360 allen00874 2019-03-11T02:37:07Z https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059557#M200374 <HTML><HEAD></HEAD><BODY><P>The exception action should not affect the certainty factor it is triggered when a device matches the profiling policy. Take a look at the apple-device policy for reference. The main purpose is to trigger another action if the policy is to generic</P><P></P><P></P><P>Sent from Cisco Technical Support Android App</P></BODY></HTML> Tue, 02 Oct 2012 00:03:55 GMT https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059557#M200374 Tarik Admani 2012-10-02T00:03:55Z https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059558#M200379 <HTML><HEAD></HEAD><BODY><P>Hey Tarik,</P><P>Thank you for the response; I have looked at the apple-device policy, I see that the “* Exception Action” field is = NONE. I only see that the Network Scan (NMAP) Action is set to OS-scan. In fact I have looked at all the generic policies and none have an “* Exception Action” field set.</P><P>I can see that under the Rules configuration you can set the rule to "Take Exception Action" but in the top part of the configuration the "* Exception Action” there is no selection option.</P><P>I am assuming if you wish to trigger and event you would identify the event in the “* Exception Action” field and under the rule you would select "Take Exception Action". How do you configure the “* Exception Action” to determine which Action to take?</P><P>Thanks,</P><P>Allen</P></BODY></HTML> Wed, 03 Oct 2012 01:40:59 GMT https://community.cisco.com/t5/network-access-control/ise-1-x-profiler-question-network-scan-action-exception-action/m-p/2059558#M200379 allen00874 2012-10-03T01:40:59Z