https://community.cisco.com/t5/network-access-control/ise-trussec-default-sgts/m-p/5285698#M596107 <P>Hi All,</P><P>I'm currently looking at deploying CTS and noticed that ISE provides a number of default SGTs in the base install. As the number of SGTs increases the size and complexity of the policy matrix, I could ideally do with removing some of the default SGTs except for Unknown and TrustSec_Device. Is this ok to do or will this cause any issues?</P> Sun, 27 Apr 2025 20:29:58 GMT packet2020 2025-04-27T20:29:58Z https://community.cisco.com/t5/network-access-control/ise-trussec-default-sgts/m-p/5285698#M596107 <P>Hi All,</P><P>I'm currently looking at deploying CTS and noticed that ISE provides a number of default SGTs in the base install. As the number of SGTs increases the size and complexity of the policy matrix, I could ideally do with removing some of the default SGTs except for Unknown and TrustSec_Device. Is this ok to do or will this cause any issues?</P> Sun, 27 Apr 2025 20:29:58 GMT https://community.cisco.com/t5/network-access-control/ise-trussec-default-sgts/m-p/5285698#M596107 packet2020 2025-04-27T20:29:58Z https://community.cisco.com/t5/network-access-control/ise-trussec-default-sgts/m-p/5285733#M596111 <P>If ISE allows you to delete the Security Groups, it should not cause any issues. However, you can create custom matrix views to reduce the matrix to only the groups you are interested in seeing.</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/admin_guide/b_ise_admin_3_3/b_ISE_admin_33_segmentation.html#task_B8B1031871664DD6B3B58906CAE9485E" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/admin_guide/b_ise_admin_3_3/b_ISE_admin_33_segmentation.html#task_B8B1031871664DD6B3B58906CAE9485E</A></P> <P>&nbsp;</P> Mon, 28 Apr 2025 00:40:12 GMT https://community.cisco.com/t5/network-access-control/ise-trussec-default-sgts/m-p/5285733#M596111 Greg Gibbs 2025-04-28T00:40:12Z