cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

90
Views
0
Helpful
1
Replies
Highlighted
Cisco Employee

Can ISE define scan parameters for TC NAC in ISE?

Scenario: Customer waits 30 days to deploy MS Windows patches to ensure the patches are stable.  In this instance, their vulnerability scanner lists their windows machines as having high-scoring CVSS scores during this 30 day period.  Is there a way to exempt CVSS scores that are for vulnerabilities less than 30 days old, basically adjust the ISE policy to match their business requirements.


My understanding is that ISE simply receives the quarantine message from the AMP cloud and doesn't look at CVSS.

Thank you.

Joe

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Can ISE define scan parameters for TC NAC in ISE?

I don't think such a feature exists - this to me seems like something AMP would need to have as a way to not report a vulnerability until after X amounts of days due to customer procedures

imran.bashir1 is expert on this and I will consult with him as well

Configure ISE 2.1 Threat-Centric NAC (TC-NAC) with AMP and Posture Services - Cisco

View solution in original post

1 REPLY 1
Cisco Employee

Re: Can ISE define scan parameters for TC NAC in ISE?

I don't think such a feature exists - this to me seems like something AMP would need to have as a way to not report a vulnerability until after X amounts of days due to customer procedures

imran.bashir1 is expert on this and I will consult with him as well

Configure ISE 2.1 Threat-Centric NAC (TC-NAC) with AMP and Posture Services - Cisco

View solution in original post