https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280507#M595925 <P>Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/182793">@Kasun Bandara</a>. Thanks for the response. I understand that this can be achieved by profiling.Any idea on this can be achieved specifically for Kali-Linux?</P> Fri, 11 Apr 2025 08:50:44 GMT anonymus1 2025-04-11T08:50:44Z https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280418#M595921 <P>Hi All,</P> <P>We’ve recently implemented Cisco ISE in our environment and are now looking to enhance our network security by blocking all <STRONG data-start="276" data-end="290">Kali Linux</STRONG> systems from gaining access to the network.</P> <P class="" data-start="336" data-end="576">I would appreciate any guidance or best practices on how to effectively detect and block these systems using ISE. Whether it’s through profiling, custom conditions, or policy sets—any suggestions or recommended approaches would be helpful.</P> <P class="" data-start="578" data-end="596">Thanks in advance!</P> Fri, 11 Apr 2025 05:14:05 GMT https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280418#M595921 anonymus1 2025-04-11T05:14:05Z https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280427#M595922 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1865487">@anonymus1</a>&nbsp;hi, this can achieve with profiling. check below links to understand how profiles working and how can it implement.</P> <P><A href="https://www.thesecurityblogger.com/cisco-identity-services-engine-ise-profiling-profiler-explained/" target="_blank" rel="noopener">https://www.thesecurityblogger.com/cisco-identity-services-engine-ise-profiling-profiler-explained/</A></P> <P><A href="https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/217818-configure-cisco-ise-3-1-posture-with-lin.html" target="_blank" rel="noopener">https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/217818-configure-cisco-ise-3-1-posture-with-lin.html</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 11 Apr 2025 06:04:55 GMT https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280427#M595922 Kasun Bandara 2025-04-11T06:04:55Z https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280507#M595925 <P>Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/182793">@Kasun Bandara</a>. Thanks for the response. I understand that this can be achieved by profiling.Any idea on this can be achieved specifically for Kali-Linux?</P> Fri, 11 Apr 2025 08:50:44 GMT https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280507#M595925 anonymus1 2025-04-11T08:50:44Z https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280514#M595928 <P>Found a workaround.</P> <P><SPAN data-teams="true"><A title="https://bst.cisco.com/bugsearch/bug/cscvz45806?rfs=qvlogin" href="https://bst.cisco.com/bugsearch/bug/CSCvz45806?rfs=qvlogin" target="_blank" rel="noreferrer noopener">https://bst.cisco.com/bugsearch/bug/CSCvz45806?rfs=qvlogin</A>&nbsp;</SPAN></P> Fri, 11 Apr 2025 09:08:44 GMT https://community.cisco.com/t5/network-access-control/block-kali-linux-using-cisco-ise/m-p/5280514#M595928 anonymus1 2025-04-11T09:08:44Z