Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
479
Views
0
Helpful
1
Replies

ISE NMAP

Go to solution
martucci
Cisco Employee
Cisco Employee

‎02-06-2019 05:52 AM

I have a customer looking at implement ISE, and they have a very large network (300K endpoint).

They are concerned about enabling the NMAP probe to avoid possible issues on the network, and have asked me to verify if there are protection mechanisms in ISE to avoid running too many NMAP scans, and also what are the performances on the PSN in terms of how man scans they can run on the ISE side.

Do we have those information?

 

Thanks

Francesca

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
howon
Cisco Employee
Cisco Employee

‎02-06-2019 02:15 PM

NMAP performance issue only manifests it self if ran manually for a large subnet. I suggest not doing any manual scan then ISE would only scan conditionally for single endpoints per profiler policy to gain more insights about the endpoint.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
howon
Cisco Employee
Cisco Employee

‎02-06-2019 02:15 PM

NMAP performance issue only manifests it self if ran manually for a large subnet. I suggest not doing any manual scan then ISE would only scan conditionally for single endpoints per profiler policy to gain more insights about the endpoint.

0 Helpful
Customers Also Viewed These Support Documents