Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
0
Helpful
2
Replies

EasyConnect and threat response

Go to solution
dsheaffe@cisco.com
Cisco Employee
Cisco Employee

‎02-07-2017 02:51 PM

Hi all

Does the use of EasyConnect for authentication limit ISE's ability to send a CoA to a NAS in response to a security threat? 

Danny

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎02-07-2017 04:18 PM

Hi Danny,

All the threat containment flows apply to Easy Connect sessions too. We have some use cases like ISE + Qualys and ISE + Stealthwatch working with EasyConnect in our labs. EasyConnect is essentially MAB from RADIUS standpoint and ISE can change the authorization on specific triggers. Is there a specific scenario where you think the combo wouldn't work?

-Hari

View solution in original post

0 Helpful
2 Replies 2

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎02-07-2017 04:18 PM

Hi Danny,

All the threat containment flows apply to Easy Connect sessions too. We have some use cases like ISE + Qualys and ISE + Stealthwatch working with EasyConnect in our labs. EasyConnect is essentially MAB from RADIUS standpoint and ISE can change the authorization on specific triggers. Is there a specific scenario where you think the combo wouldn't work?

-Hari

0 Helpful

Go to solution
dsheaffe@cisco.com
Cisco Employee
Cisco Employee
In response to hariholla

‎02-07-2017 04:28 PM

Thank you Hari.  I didn't have a specific scenario in mind.  I thought it should work but just wanted to confirm. 

Danny

0 Helpful
Customers Also Viewed These Support Documents