05-06-2019 11:15 AM
I have setup Threat Centric NAC on Cisco ISE. I am trying to test the Threat Centric functionality with the Qualys vulnerability scan. I am using ISE version 2.6. I had no issue registering ISE with Qualys cloud services and I had no issue getting the Qualys virtual appliance associated with the cloud. I am able to trigger the scan of an asset from the cloud without issue and once the scan is initiated ISE works as expected and quarantine the asset based on the result of the policy. The problem I am having is I am unable to get ISE to automatically trigger the scan from a policy. Does anyone know how to make this work?
Solved! Go to Solution.
05-11-2019 09:27 PM - edited 05-11-2019 09:29 PM
Please ensure the Qualys user account configured in ISE has Manager privileges and entitled to access REST APIs.
You may try ISE admin CLI command
show logging container tc-nac container-name <InstanceName> log-name adapter.log tail
to get more info. If needed, enable DEBUG/TRACE in the adapter from the ISE admin web UI.
Also, run reports at Operations > Reports > ISE Reports > Threat Centric NAC > Vulnerability Assessment
05-06-2019 11:35 AM - edited 05-06-2019 11:35 AM
For authorization profile you want to scan for, look under common tasks, check 'Assess Vulnerabilities' and select qualys scanner/adapter.
05-06-2019 12:27 PM
Yes, I have configured those options under the authorization profile. The policy that uses that profile is being hit, but the scan is still not being triggered.
05-11-2019 09:27 PM - edited 05-11-2019 09:29 PM
Please ensure the Qualys user account configured in ISE has Manager privileges and entitled to access REST APIs.
You may try ISE admin CLI command
show logging container tc-nac container-name <InstanceName> log-name adapter.log tail
to get more info. If needed, enable DEBUG/TRACE in the adapter from the ISE admin web UI.
Also, run reports at Operations > Reports > ISE Reports > Threat Centric NAC > Vulnerability Assessment
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: