Network Access Control

In Context visibility for endpoints, there is a hardware tab.  From the fields looks like an active program on Win or Mac endpoints that is collecting CPU status, BIOS data, etc every 5 mins. Description says this date comes from ISE posture agent on...

Hello,  I have ISE 2.6 with 2 PAN and 4 PSNI would like to change the admin certificate from the default self signed to one form my PKI. When I change it there will be a restart on the node right?Is it advisable to change it on the PSN also? Thanks a...

Is anyone familiar with a way to centralize the reporting of TrustSec events on switches and routers? Specifically SGACL drop messages. Our network topology consists of around 150 switches (mostly 9200/9300s) and 100 routers (all 4331s or 4431s). Rig...

I am currently working on standing up a new ISE 2.7 instance side-by-side with our older 2.3 instance. Both instances profiler feeds stopped working after 3/17/2021.  The errors I'm getting are below. 2.7 patch 3Feed Service error : null**Please ensu...

Hello, Is it any way to configure ISE Posture Policy (some conditions) that ISE analyzes user level of priviliges on remote computer (on computer from which he trys to orginize anyconnect VPN connection)?If user has priviliges of administrator on rem...

Is there any way to configure  some authorization policy on ISE in which you can define a whitelist of remote devices that are allowed to build VPN. As an option, obtaining a some unique id from a remote device. The method with certificates is not su...

I would like to use an endpoint custom attribute to trigger the network access a device has.  So as an example if I have a device that has a endpoint custom attribute of Display, I would like to use that as a condition to assign a specific DACL or vl...

Hello Does anybody know if there are any recommendations or if someone have experience with migrating ISE servers from HyperV to Vmware platform?I'm courious about first option, I know second can be done. 1.  option:Backup ISE virtual machine with ve...

We have 2 PSN nodes for client auth. All works on PSN1. When PSN1 is offline auth is directed to PSN2. All clients then fail to authentication with the following error. cisco endpoint started new session while the packet of the previous session is be...

Hi,I found a few discussions about the subject but I'd like to confirm. My idea (for wireless connections) is to use machine auth before user logins and user auth after login. I configured machine group verification as a first step and "was machine a...

I have an OLD ACS 1121 appliance, anyone know if I can apply its license to a Virtual machine?