Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
1
Helpful
1
Replies

Invoking Rules on ISE

Go to solution
ashvaras
Cisco Employee
Cisco Employee

‎10-04-2017 11:33 AM

Describe how and when the authorization rules are invoked. Can the system invoke authorization rules:

Automatically, upon meeting the conditions?

Scheduled to run at set times?

On-demand through the system GUI?

Through a web-based API

1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-04-2017 12:41 PM

All the above.

ISE guests, posture, and profiling usually invoke re-authentication automatically. So is Rapid Threat Containment (RTC).

ISE endpoint purge policy runs at a fixed time ~ 03:00 server timezone every day and will trigger CoA on the affected endpoints.

ISE has CoA options @ M&T live session view.

Screen Shot 2017-10-04 at 12.41.09 PM.png

Web-based API is available. Please refer to Using Change of Authorization REST APIs

View solution in original post

0 Helpful
1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-04-2017 12:41 PM

All the above.

ISE guests, posture, and profiling usually invoke re-authentication automatically. So is Rapid Threat Containment (RTC).

ISE endpoint purge policy runs at a fixed time ~ 03:00 server timezone every day and will trigger CoA on the affected endpoints.

ISE has CoA options @ M&T live session view.

Screen Shot 2017-10-04 at 12.41.09 PM.png

Web-based API is available. Please refer to Using Change of Authorization REST APIs

0 Helpful
Customers Also Viewed These Support Documents