cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
872
Views
0
Helpful
1
Replies

ISE Dashboard Total Devices Count

scamarda
Cisco Employee
Cisco Employee

I am in the middle of a demo eval.  Currently we have ISE 2.4p5 set up for Context Visibility only.  We have only set up rules to authenticate one system (User/Machine Auth, Posture, No Profiling) We have DHCPSPAN enabled using a span port that sits in front of the DHCP server and the Internet.  We have discovered about 100k devices using DHCPSPAN and some Visibility wizard scans.  We have not done any nmap scans in about 30 days.  We are competing with another NAC solution that has only discovered about 40k devices using their discovery methods.  We are told we are not discovering their guest network and we confirmed that.  The customer believes ISE has phantom entries or is double counting bring it to the 100k count.

 

We have taken an endpoint export and we are analyzing the data.  I am looking to set up a purge policy to weed out any seen-once-and-gone devices.  I am worried that since I am not doing AAA, I will end up deleting legitimate endpoints from the DB.  Is there a condition that I can use that will allow me to delete endpoints that are no longer connected to the network?  Will InactivityDays work? Again, this is visibility only, no AAA enabled.

 

In the endpoint export, many machines do not have an 'Update Time' entry, Could I consider that as an option to purge devices from the csv file? 

1 Accepted Solution

Accepted Solutions

Mike.Cifelli
VIP Alumni
VIP Alumni
Is there a condition that I can use that will allow me to delete endpoints that are no longer connected to the network? Will InactivityDays work?

-From my experience InactivityDays would work. You could also use ElapsedDays Equals <length> to purge endpoints.

View solution in original post

1 Reply 1

Mike.Cifelli
VIP Alumni
VIP Alumni
Is there a condition that I can use that will allow me to delete endpoints that are no longer connected to the network? Will InactivityDays work?

-From my experience InactivityDays would work. You could also use ElapsedDays Equals <length> to purge endpoints.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: