07-31-2017 11:52 PM
Hi Team,
We have a query from customer about Endpoint Purge.
This endpoint purge schedule is enabled by default. Cisco ISE, by default, deletes endpoints and registered devices that are older than 30 days from following link:
We advised customer that the ISE default endpoint purge is set to purge endpoints and registered devices that are older than 30 days from above information.
Customer has asked confirmation for “older than 30 days”. Does this mean inactive for 30 days rather than endpoints registered 30 days ago?
Could anyone please help on this query?
Thank you in advance for your help.
Regards,
Charles
Solved! Go to Solution.
08-01-2017 07:02 AM
You can define the Endpoint Purge Policy by configuration rules based on identity groups and other conditions using Administration > Identity Management > Settings > Endpoint Purge. You can choose not to purge specified endpoints and to purge endpoints based on selected profiling conditions.
You can schedule an endpoint purge job. This endpoint purge schedule is enabled by default. Cisco ISE, by default, deletes endpoints and registered devices that are older than 30 days. The purge job runs at 1 AM every day based on the time zone configured in the Primary PAN.
The following are some of the conditions with examples you can use for purging the endpoints:
08-01-2017 07:02 AM
You can define the Endpoint Purge Policy by configuration rules based on identity groups and other conditions using Administration > Identity Management > Settings > Endpoint Purge. You can choose not to purge specified endpoints and to purge endpoints based on selected profiling conditions.
You can schedule an endpoint purge job. This endpoint purge schedule is enabled by default. Cisco ISE, by default, deletes endpoints and registered devices that are older than 30 days. The purge job runs at 1 AM every day based on the time zone configured in the Primary PAN.
The following are some of the conditions with examples you can use for purging the endpoints:
08-01-2017 04:11 PM
Hi Jason,
Thank you for sharing the information. I found this information too from configuration guide.
Customer does not have any policy configured related with InactivityDays, ElapsedDays and PurgeDate.
Therefore where this query comes from the customer, what is the default behavior for endpoint purge for “older than 30 days”. The query from customer with endpoint purge for “older than 30 days” meaning inactive for 30 days or endpoints registered 30 days ago?
Could you please help on this query?
Thanks for your help.
Regards,
Charles
08-01-2017 04:18 PM
I don't understand, do they have anything configured for a purge policy? If so what does the line say? Send a screenshot of their purge policy?
The default rules are guest endpoints or registered endpoints are purged after 30 days (elapsed meaning after the action of them being put into the database they are removed)
The only time inactivity is considered is if you select inactive days
08-01-2017 05:39 PM
Hi Jason,
Customer has configured a daily purge policy for Guest Wifi User. However customer does not have a purge policy for their BYOD Wifi User.
Thanks for your confirmation the default endpoint purge rule is, registered endpoints are purged after 30 days.
Regards,
Charles
10-18-2018 08:50 AM
Hi,
I need some more details about "Inactivitydays".
Actually on ise 2.3 I found two objects in dictionary to build purge conditions:
ElapsedDays and Inactivedays.
But I am not sure that Inactivedays is a counter of the number of days from device "last seen" event.
Indeed I gave a look at a currently connected device and I saw that the two counters have the same value. Why Inactivedays attribute is not zero being the device connected?
Is a 2.3 patch 3 bug?
Regards
MM
02-28-2019 06:08 PM
I know this is old, but from Jason's post above:
Was profiling enabled?
02-28-2019 11:17 PM
You are right.
I had missed that statement in the guide. Without a license that enable profiling "Inactivedays" counter is unusable.
Regard
M
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide