cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
888
Views
0
Helpful
1
Replies
Cisco Employee

ISE Posture Reassessments and Best Practices

Hello ISE Experts-

We have a potential large customer with roughly 40,000 endpoints that are looking at rolling out ISE with Posture Assessment:

  • Patches Posture and SCCM Integration
  • Mobile posture with Intune

The customer wants to know how often posture re-assessment should be done based on based practices and other customers that are in similar size.

Everyone's tags (6)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: ISE Posture Reassessments and Best Practices

Nencho, there is no BP regarding posture re-assessment and it depends on the customer needs. It certainly provides better security to re-check endpoints periodically but at the same time the user may be quarantined as result of the assessment. You will need to balance between the convenience and the security in regards to enabling and also adjusting timer. One are that you should look into is how much impact it may have on the system, which you can reference here for the posture authentications per second:

ISE Performance & Scale

View solution in original post

1 REPLY 1
Highlighted
Cisco Employee

Re: ISE Posture Reassessments and Best Practices

Nencho, there is no BP regarding posture re-assessment and it depends on the customer needs. It certainly provides better security to re-check endpoints periodically but at the same time the user may be quarantined as result of the assessment. You will need to balance between the convenience and the security in regards to enabling and also adjusting timer. One are that you should look into is how much impact it may have on the system, which you can reference here for the posture authentications per second:

ISE Performance & Scale

View solution in original post