01-03-2018 03:03 AM
Hi experts,
In the ISE 2.3 Compatibility Matrix I can see that profiling is supported for SG500 is a limited fashion:
Cisco Identity Services Engine Network Component Compatibility, Release 2.3 - Cisco
Can we get more information on the scope of profiling that is possible on the SG500?
Thanks in advance,
José
Solved! Go to Solution.
01-03-2018 03:52 AM
It will work as well with SNMP , NMAP as well as DHCP , as I explained it wasnt tested thoroughly but in theory it should be capable . I suggest a trial and error approach and would be happy to get any feedback from your findings.
As for you license question , profiling does not need PLUS licensing , however if you intend to enforce policies based on profiles then yes you would need to have PLUS in place.
Thanks,
Danny
01-03-2018 03:19 AM
Hi Jose,
SG500 can provide limited profiling for endpoints.We dont have a reference as it hasnt been thoroughly tested.
Really all depends on the type of AVs the SG500 can provide.
What is your use case?
Danny
01-03-2018 03:36 AM
No particular use-case in mind yet - the customer is evaluating ISE and he is trying to understand the limitation for the existing SMB switches he has.
So as I understood from your answer, the only probe we would use is RADIUS for the SMB switches. We would need the PLUS subscription in any case, correct?
Thanks again,
José
01-03-2018 03:52 AM
It will work as well with SNMP , NMAP as well as DHCP , as I explained it wasnt tested thoroughly but in theory it should be capable . I suggest a trial and error approach and would be happy to get any feedback from your findings.
As for you license question , profiling does not need PLUS licensing , however if you intend to enforce policies based on profiles then yes you would need to have PLUS in place.
Thanks,
Danny
01-03-2018 07:27 AM
Thanks for the help Danny!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: