cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1036
Views
1
Helpful
2
Replies

ISE 2.2 NMAP Behavior

paul
Level 10
Level 10

Was there a sneaky change in ISE 2.2 NMAP behavior that I missed?  I think starting in 2.0 ISE changed it default NMAP scan to just OS + SNMP ports which was very annoying as one of the key things we use for profiling printers in port 9100 being open.  So I usually had to write my own NMAP rule to do common ports + OS and then modify all the printer manufacturer profile polices to use my custom profiler.

I was working at a customer's deployment today and I was seeing common ports and OS on all the devices even though the default scans were in place that show only SNMP ports + OS. 

Did this change?

1 Accepted Solution

Accepted Solutions

Timothy Abbott
Cisco Employee
Cisco Employee

We added several enhancements to NMAP in ISE 2.1 so nothing specific to ISE 2.2.  I think maybe you are just seeing this for the first time since we added the new features.

Regards,

-Tim

View solution in original post

2 Replies 2

Timothy Abbott
Cisco Employee
Cisco Employee

We added several enhancements to NMAP in ISE 2.1 so nothing specific to ISE 2.2.  I think maybe you are just seeing this for the first time since we added the new features.

Regards,

-Tim

Was doing common ports + OS one of the changes? I don’t remember this in 2.1 as I have usually had to right my own NMAP scan results to make sure I capture 9100 being open.

Paul Haferman

Office- 920.996.3011

Cell- 920.284.9250