08-29-2023 10:46 AM
Hi All,
Is there any list available where we can see which built-in device profiles are supported in the ISE 3.2 or 3.3 version? For example which Medical Devices, IOT Devices, and Industrial control systems Profiles are supported?
Also is there any limitation on the number of default device profiles that can be imported and used in the device profile policy?
08-29-2023 04:25 PM
I have not seen this list published anywhere, the only option I'm aware of is to go to the ISE deployment itself, or a Dcloud instance such as this 3.2 instant on.
https://dcloud2-sjc.cisco.com/content/instantdemo/cisco-identity-services-engine-ise-3-2-instant-demo-preview?returnPathTitleKey=content-view
As far as a limitation and scaling for the number of endpoint profiles, I'm not aware of that number being published for any supported release. The old medical profile library page indicated no more than 2000 had been tested.
https://community.cisco.com/t5/security-knowledge-base/cisco-ise-medical-nac-profile-library-v2-0/ta-p/3638736#:~:text=The%20maximum%20number%20of%20profiles,2.1%20and%20above%20is%202000.
08-29-2023 06:44 PM - edited 08-29-2023 06:46 PM
Just to add to Damien's response... while ISE has limited capability for profiling Medical, IoT, and Industrial IoT endpoints due to the limited information provided by the network, ISE integrates with multiple other Cisco and 3rd-party vendor solutions (e.g. Medigate, Ordr, CyberVision, Nozomi, and many others) that can provide more details to ISE that can be used as matching conditions in Authorization Profiles.
For more information, see https://www.cisco.com/c/en/us/products/security/identity-services-engine/technology-partners.html
08-30-2023 04:08 AM
Hi Thanks for information,
i can see that there is an option to Download the Medical NAC library ZIP file and then import it is cisco Work Centers > Profiler > Profiling Policies
just wanted to know from where we can download Medical Type of devices NAC library or OT specific NAC library. Will i have to ask respective OEM ?
08-30-2023 04:34 AM
Ok I think i got where i should look
"The Feed Service Partner Portal".
I hope our partner's login request will get approved to access it and to contribution
08-31-2023 09:19 PM
@jitendrac Please check out the Cisco or 3rd-party solutions that Greg indicated above. Usually the solution will profile the endpoints and then share the data with ISE via pxGrid context-in.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide