Network Access Control

Hey folks, I have a customer who is looking to implement a search feature for a Self-Registered Portal, where the "Person being visited" field populates with some autocomplete-style results. Last I heard, this was scheduled to be implemented in ISE 2...

Hi,   My customer wants to integrate ISE with ForeScout so the products can play well together. The question they are asking is what does ForeScout need to do in order to talk to pxGrid. What API’s does ForeScout have to create on their product in or...

I have a python script that I am attempting to use to automate creating or statically assigning an already existing endpoint to an endpoint group.  Essentially I am trying to do this:Prompt user to determine if MAC address is a new host or existing h...

Hi All, I see there are now OVA files on CCO that say they are recommended for VMware 6.5.  ISE-2.4.0.357-6.5OVA-SNS3595-Medium-200GBHD-64GBRAM-16CPU.ova Can anyone please confirm whether these files allow the OVA file to be deployed directly without...

I know that we have integration with Tenable.sc. The question is do we have any future planes to integrate tenaable.io with ISE. 

Customer use case:   We were able to retrieve certificates from our Microsoft Certificate Authority to our ChromeOS devices.  This satisfies one of the conditions to permit a Chrome OS device to access our Cisco ISE wifi access point.   However, we n...

Hello, To prepare an upgrade, I need to delete a certificate (to run URT).ISE Server isn't letting me do it. I got the following error.Thing is when checking Remote Logging Targets I'm not seeing any Secure Syslog Target configured. Regards,Eric

Hi Experts,    This is with reference to the question asked in the following link https://community.cisco.com/t5/identity-services-engine-ise/creation-of-secondary-ip-or-ip-loopback-with-32-on-ise/m-p/3523973#M8886   From what I understand we still c...

I have some devices that are hitting my default (open) rule that I want to hit an earlier rule. The problem is that I am not getting enough attributes from them until I have the profile perform an NMAP scan. But the device has already performed auth ...

Hey guys, Wanting to know if there is anyway in the Dacl syntaxto get host range /24 to work we have a range of hosts, 135 of them that every time we add a new server we have to update the Dacl.what i would like to do is something like this to keep i...

With current configuration setup for ISE and ID-PSK, using Cisco AV Pairs in the Authorization profile to hold the network key - these attributes in the Authorization profile are shown in clear text in the Live log details. The ISE Live Logs are acce...

I have created sub-policy to Microsoft-Workstation that looks for the same attributes, but adds in DHCP host-name. The devices are still getting profiled as Microsoft-Workstation instead of 'SJ-Desktop' even though they clearly meet the host-name cri...

Hello, I am looking at some of the ISE designs and had a question around the following design. If I run two PAN/MnT nodes but run primary PAN/secondary MnT on Node 1 and Primary MnT/secondary PAN on Node 2 is there still a limit of 5 PSNs in this dep...