Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4250
Views
0
Helpful
3
Replies

How to remove the mac address in ISE if not active for some period?

Go to solution
msompong1
Level 1
Level 1

‎04-01-2020 09:59 PM

Hello,

 

I'm using the ISE 2.3 and I would like to know how can I remove the MAC address from internal database 

in the condition of that MAC not access or not online for 90 days?

 

Thank you in advance.

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎04-01-2020 10:18 PM - edited ‎04-01-2020 10:21 PM

This is a fairly easy task to accomplish with the built in endpoint purge options. What you do have to be cautious of though is if you have any endpoint assigned to static identity groups.  A simple rule such as the one I have in the example screenshot will remove any endpoint that has been inactive for 90 days including ones manually added or statically assigned.

If the endpoint comes back after 91 days, it will no longer be "whitelisted". This can be a problem if interim accounting is not set up, coupled with no reauth interval or endpoints that are always connected and rarely power cycled. 
purge.png



View solution in original post

0 Helpful
3 Replies 3

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎04-01-2020 10:18 PM - edited ‎04-01-2020 10:21 PM

This is a fairly easy task to accomplish with the built in endpoint purge options. What you do have to be cautious of though is if you have any endpoint assigned to static identity groups.  A simple rule such as the one I have in the example screenshot will remove any endpoint that has been inactive for 90 days including ones manually added or statically assigned.

If the endpoint comes back after 91 days, it will no longer be "whitelisted". This can be a problem if interim accounting is not set up, coupled with no reauth interval or endpoints that are always connected and rarely power cycled. 
purge.png



0 Helpful

Go to solution
MaErre21325
Level 1
Level 1
In response to Damien Miller

‎03-14-2023 02:13 AM

Hello,

has anyone ever had ise automatically deleting mac addresses assigned to static groups without having set a purge rule?
I randomly find that I can no longer find some devices although no one has manually purged them and I can't find any bugs or reasons for this situation.
Ise version is 3.0 with patch7

0 Helpful

Go to solution
Cristian Matei
VIP Alumni
VIP Alumni

‎04-01-2020 10:19 PM

Hi,

 

   Go to your Identity Management , Identities, The Identity Group you're looking for and you should be able to delete some or all.

 

Regards,

Cristian Matei.

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents