Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3142
Views
0
Helpful
4
Replies

Discover network device from ISE

Go to solution
ignacio.sanchez
Level 1
Level 1

‎05-26-2021 02:15 AM

Hi,

 

We use our ISE only as "Devide Admin" and we do not have the "Network Device" in the database, we have the default device enabled.

 

Now we need to apply policies based on the device type. We do not know all the devices that connect to the ISE. Is there a way to add the network devices discovering them automatically from the ISE itself? 

 

I would be appreciated if someone guides me in this regard.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thomas
Cisco Employee
Cisco Employee

‎05-26-2021 08:12 AM

Since you have the Default Network Device option configured, you may now look in your logs and reports for your specific network device IP addresses. You will need to spend the time to login to each one and determine the vendor / model / OS version.

Alternatively, you may use the built-in ISE Visibility Setup to scan your network(s) for network devices based on the SNMP Community.

image.png

 

It will scan for your network devices but you must know the SNMP Community string(s):

image.png

 

 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎05-26-2021 02:46 AM

If this is used for only Device admin, you can add them put them in discovery mode, and make them according to the requirement to based on the area and profiles

 

you can cattegorise, like switches,. Routers, make a users to access what level access rquired, Full admin or only certain access restrictions and so on.

 

https://community.cisco.com/t5/security-documents/how-to-create-ise-network-access-device-profiles/ta-p/3631103

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
ignacio.sanchez
Level 1
Level 1
In response to balaji.bandi

‎05-26-2021 03:16 AM

Thanks for answering so quickly.

 

I need to identify the network device by manufacturer, Cisco, Juniper, Huawei, etc, but I still can't understand how to do it if I can't create the network device and indicate the manufacturer.


The truth is that since I do not know the IP I cannot create it and also in the same network there may be several manufacturers.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to ignacio.sanchez

‎05-26-2021 04:54 AM

You need to do network discovery, get some time read the document it has the process, you do not required to mass network discovery, you can do small subnet.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
thomas
Cisco Employee
Cisco Employee

‎05-26-2021 08:12 AM

Since you have the Default Network Device option configured, you may now look in your logs and reports for your specific network device IP addresses. You will need to spend the time to login to each one and determine the vendor / model / OS version.

Alternatively, you may use the built-in ISE Visibility Setup to scan your network(s) for network devices based on the SNMP Community.

image.png

 

It will scan for your network devices but you must know the SNMP Community string(s):

image.png

 

 

0 Helpful
Customers Also Viewed These Support Documents