https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460820#M569560 <P>Hope that should not be possible i guess. (typo issu)&nbsp; - worth looking below documents and limitations.</P> <P>&nbsp;</P> <P><A href="https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html" target="_blank" rel="noopener">https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html</A></P> <P>&nbsp;</P> <P><A href="https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-design-endpoint-attributes" target="_blank" rel="noopener">https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-design-endpoint-attributes</A></P> <P>&nbsp;</P> Tue, 07 Sep 2021 08:28:05 GMT balaji.bandi 2021-09-07T08:28:05Z https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460803#M569558 <P>Hello, team.</P><P>Is it posible to create multiply level of Autorization based on&nbsp;&nbsp;<EM>Compliance conditions:</EM></P><P><EM>if endpoint mets all requiments&nbsp; - full complience -&nbsp;- assign profile FULL</EM></P><P><EM>if endpoint mets requiment 1 only&nbsp; - assign&nbsp; profile LIMIT&nbsp;</EM></P><P>How to realese this hierarhy access?</P><P>We use ISE 3.1.0</P> Tue, 07 Sep 2021 06:57:23 GMT https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460803#M569558 sergey.dibrov 2021-09-07T06:57:23Z https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460820#M569560 <P>Hope that should not be possible i guess. (typo issu)&nbsp; - worth looking below documents and limitations.</P> <P>&nbsp;</P> <P><A href="https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html" target="_blank" rel="noopener">https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html</A></P> <P>&nbsp;</P> <P><A href="https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-design-endpoint-attributes" target="_blank" rel="noopener">https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-design-endpoint-attributes</A></P> <P>&nbsp;</P> Tue, 07 Sep 2021 08:28:05 GMT https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460820#M569560 balaji.bandi 2021-09-07T08:28:05Z https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460833#M569561 Hi,<BR /><BR />I don't think this is possible. The compliance module will validate all<BR />configured requirements for all matching posture policies and the result<BR />will be compliant , non-compliant or unknown. If one condition is not<BR />matched it will be non-compliance.<BR /><BR />Try to raise this as an enhancement request with your account management<BR />for a more granular posture results. Otherwise, having more conditions in<BR />policy set instead of just posture status.<BR /><BR />**** please remember to rate useful posts<BR /> Tue, 07 Sep 2021 07:35:06 GMT https://community.cisco.com/t5/network-access-control/multiply-access-levels-based-on-posture-conditions/m-p/4460833#M569561 Mohammed al Baqari 2021-09-07T07:35:06Z