Hi all, This is the guide I followed and the problem is on the part 6 https://community.cisco.com/t5/security-knowledge-base/ise-posture-prescriptive-deployment-guide/ta-p/3680273 I have set the Radius object on FMC and assigned the redirect acl for ...
Forum Posts
Hi all:I need to replace a Cisco ASA-5505 for a small (6 hosts / devices behind the Firewall) church outfit which has reached EOL support and was quoted from the cisco sales engineering team at the distributor as follows:Line # Part # TD Part # Descr...
Hello, Does CISCO AMP scan for web browser cookies? Thank you.
Hello everybodyI am trying to implement dot1x on eve-ng and everytime I try I receive weird results!My current problem is that my switch doesn't seem to send username to ISE server and I am only able to use MAB. Here is my configuration: SW1#sh run...
Cisco Secure Endpoint flags Lsass dump as Cloud IOC. EDR tool did not stop the dump, most likely because Windows native tools were used. I have ticketing in place to alert on the event. Does anybody know how do I blacklist the activity(command line i...
Hello. I have a bunch of VMWare hosted servers that AMP is hogging memory on. Most noticeably, it's really hogging it up on several servers that have 4GB of memory, to the point where I get constant Nagios alerts about memory usage. Previous, I could...
Hi Everyone,We wanna Implent Posture assessment in LAN. With temporal Agent everything works fine. But when we wan to client Use anyconnect Posture module, Client provisioning portal shows an error "An error occurred. Contact the helpdesk for assista...
Hi,In response to a security incident, I would like to query one group of endpoints in AMP (Secure Endpoint) for network connections to a specific IP address. How can I do that in Orbital?Thanks for your time.Have a great day.T
On 6/28 and 6/29 I received a large uptick in old PDF docs getting quarantined as PDF.Spam.Heur5. In all cases, these pdf files have been on these workstations for two or more years. Anyone else seeing this? False positives, or better late than ne...
Hi, I have seen this ISE reference for guest authentication & ISE: https://community.cisco.com/t5/security-documents/ise-guest-access-deployment-guide/ta-p/3640475 , but i am still unsure if wired guest users can be redirected to a Sponsor Captive...
Hi, I have a number of files on Windows 10 that are showing as clean One is svchost.exe SHA256 5d00bbeb147e0c838a622fc42c543b2913d57eaca4e69d9a37ed61e98c819347 It is reporting as clean. However, the product name is Microsoft in Russian, which i...
Which tool can manage Windows Patch Management Check/Remediation with non administrator-level users during network access e.g. VPN? (I am using Cisco AnyConnect) At the current guide... Cisco AnyConnect Secure Mobility Client Administrator Guide, R...
if I have amp installed on some workstations and protected by password, but unfortioanloity I don't have access to management counsel and passwords are forgotten , how can I remove it
Zero Day Exploit of Microsoft Support Diagnostic Tool Detection. What components of Cisco Secure Endpoint will detect and block this vulnerability? https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-to...
Hello, I have a rather interesting issue that I am having trouble figuring out. AMP scans have returned 3 separate endpoints now with the same malicious phishing pdf that is seemingly located in someone's user profile. Normally this would be fine, be...
