Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
863
Views
1
Helpful
5
Replies

Cisco ISE Device Profiling

jitendrac
Level 1
Level 1

‎08-29-2023 10:46 AM

Hi All,

Is there any list available where we can see which built-in device profiles are supported in the ISE 3.2 or 3.3 version? For example which Medical Devices,  IOT Devices, and Industrial control systems Profiles are supported?

Also is there any limitation on the number of default device profiles that can be imported and used in the device profile policy?

0 Helpful
5 Replies 5

Damien Miller
VIP Alumni
VIP Alumni

‎08-29-2023 04:25 PM

I have not seen this list published anywhere, the only option I'm aware of is to go to the ISE deployment itself, or a Dcloud instance such as this 3.2 instant on. 

https://dcloud2-sjc.cisco.com/content/instantdemo/cisco-identity-services-engine-ise-3-2-instant-demo-preview?returnPathTitleKey=content-view

As far as a limitation and scaling for the number of endpoint profiles, I'm not aware of that number being published for any supported release. The old medical profile library page indicated no more than 2000 had been tested. 
https://community.cisco.com/t5/security-knowledge-base/cisco-ise-medical-nac-profile-library-v2-0/ta-p/3638736#:~:text=The%20maximum%20number%20of%20profiles,2.1%20and%20above%20is%202000.

Greg Gibbs
Cisco Employee
Cisco Employee

‎08-29-2023 06:44 PM - edited ‎08-29-2023 06:46 PM

Just to add to Damien's response... while ISE has limited capability for profiling Medical, IoT, and Industrial IoT endpoints due to the limited information provided by the network, ISE integrates with multiple other Cisco and 3rd-party vendor solutions (e.g. Medigate, Ordr, CyberVision, Nozomi, and many others) that can provide more details to ISE that can be used as matching conditions in Authorization Profiles.

For more information, see https://www.cisco.com/c/en/us/products/security/identity-services-engine/technology-partners.html

 

0 Helpful

jitendrac
Level 1
Level 1

‎08-30-2023 04:08 AM

Hi Thanks for information,

i can see that there is an option to Download the Medical NAC library ZIP file and then import it is cisco Work Centers > Profiler > Profiling Policies

just wanted to know from where we can download Medical Type of devices NAC library or OT specific NAC library. Will i have to ask respective OEM ? 

0 Helpful

jitendrac
Level 1
Level 1
In response to jitendrac

‎08-30-2023 04:34 AM

Ok I think i got where i should look 
"The Feed Service Partner Portal".

I hope our partner's login request will get approved to access it and to contribution 

0 Helpful

hslai
Cisco Employee
Cisco Employee
In response to jitendrac

‎08-31-2023 09:19 PM

@jitendrac Please check out the Cisco or 3rd-party solutions that Greg indicated above. Usually the solution will profile the endpoints and then share the data with ISE via pxGrid context-in.

0 Helpful
Customers Also Viewed These Support Documents