https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551291#M537041 <HTML><HEAD></HEAD><BODY><P>I am doing an ISE install at a large hospital and they are concerned about the NMAP profilers effect on some of their legacy medical equipment.&nbsp; I have done 75-100 installs at all sorts of customers including hospitals and manufacturing environment and have never had an issue with the selective NMAP scans ISE uses.&nbsp; However, the customer would like more detail on exactly what the NMAP scan will be doing.&nbsp; </P><P>I believe the default NMAP scan in 2.x is SNMP + OS scan.&nbsp; So the SNMP port check is easy to explain, but what is involved in the OS scan?&nbsp; If ISE is using the standard NMAP process under the covers what switches (options) are run for the OS detection?</P><P></P><P>I am not worried about ISE causing an issue, but I need to provide details as the customer has had other products like Qualys take down their PAX system.</P><P></P><P>Thanks.</P></BODY></HTML> Wed, 09 Nov 2016 18:10:47 GMT paul 2016-11-09T18:10:47Z https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551291#M537041 <HTML><HEAD></HEAD><BODY><P>I am doing an ISE install at a large hospital and they are concerned about the NMAP profilers effect on some of their legacy medical equipment.&nbsp; I have done 75-100 installs at all sorts of customers including hospitals and manufacturing environment and have never had an issue with the selective NMAP scans ISE uses.&nbsp; However, the customer would like more detail on exactly what the NMAP scan will be doing.&nbsp; </P><P>I believe the default NMAP scan in 2.x is SNMP + OS scan.&nbsp; So the SNMP port check is easy to explain, but what is involved in the OS scan?&nbsp; If ISE is using the standard NMAP process under the covers what switches (options) are run for the OS detection?</P><P></P><P>I am not worried about ISE causing an issue, but I need to provide details as the customer has had other products like Qualys take down their PAX system.</P><P></P><P>Thanks.</P></BODY></HTML> Wed, 09 Nov 2016 18:10:47 GMT https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551291#M537041 paul 2016-11-09T18:10:47Z https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551292#M537042 <HTML><HEAD></HEAD><BODY><P>Yes, you are correct ISE is using the open-source NMAP utility for this. <A _jive_internal="true" data-containerid="5301" data-containertype="14" data-objectid="68156" data-objecttype="102" href="https://community.cisco.com/docs/DOC-68156" style="font-size: 12px; font-family: arial; color: #0a63a7;">How To: ISE Profiling Design Guide</A> has the info and this&nbsp; is still true for ISE 2.x.</P></BODY></HTML> Wed, 09 Nov 2016 22:42:29 GMT https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551292#M537042 hslai 2016-11-09T22:42:29Z https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551293#M537043 <HTML><HEAD></HEAD><BODY><P>Thanks!</P><P></P><P>I also found the base command used in the admin guide:</P><P></P><P>nmap -O -sU -p U:161,162 –oN</P></BODY></HTML> Wed, 09 Nov 2016 22:55:23 GMT https://community.cisco.com/t5/network-access-control/nmap-profiler-details/m-p/3551293#M537043 paul 2016-11-09T22:55:23Z