Solved: Feature support

ymadheka · ‎02-07-2017

Hi Team,

We are working on a ISE feature sheet and need clarity on below features:

L2 Security for various physical levels attacks MAC spoofing and flooding, ARP spoofing and poisoning, VLAN hopping and double tagging, DHCP exhaustion, switch impersonation and spanning tree attacks.

During posture check AV/AS* has performed a full system scan and real time protection is enabled or not.

Appreciate quick reply on this

Thanks & Regards,

Yogesh Madhekar

thomas · ‎02-09-2017

The features in your first bullet are switch & switchport functions. ISE authenticates and authorizes endpoints using the Layer 2, 802.1X protocol. We can potentially handle MAC spoofing with the new Ability to Detect Anomalous Behavior of Endpoints.

I don't know how you define "a full system scan" but we support the OESIS set of AV/AS systems as well as registry checks, USB and other things. We have a Periodic Reassessment (PRA) if that's what you mean by "real time protection".

View solution in original post

thomas · ‎02-09-2017

The features in your first bullet are switch & switchport functions. ISE authenticates and authorizes endpoints using the Layer 2, 802.1X protocol. We can potentially handle MAC spoofing with the new Ability to Detect Anomalous Behavior of Endpoints.

I don't know how you define "a full system scan" but we support the OESIS set of AV/AS systems as well as registry checks, USB and other things. We have a Periodic Reassessment (PRA) if that's what you mean by "real time protection".