Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2259
Views
0
Helpful
1
Replies

ISE priority regarding CF certainty factor

Go to solution
aleopoldie
Level 3
Level 3

‎11-06-2019 11:42 AM

Hello experts,

 

I have a doubt regarding the Certainty factor on ISE.

Let's suppose we have a default profiling rule which is Canon Device with one condition matching the Canon OUI and CF = 10 (Minimum CF = 10)

1st question : Now if I create a custom profiling rule with exactly the same rule, meaning the Canon OUI with CF = 10. Which one will match ? Is it alphabetic order or something else ?

 

2nd question : How the priority is done ? Let's suppose I have 2 profiling rules :

- The first one contains 2 conditions:

        * the first with Canon OUI (CF = 10)

        * the second one is the dhcp-class-identifier that has to match ABC   (CF = 10)      

        * Minimum CF = 10

- The second one contains 3 conditions:

        * the first with Canon OUI (CF = 10)

        * the second one is the dhcp-class-identifier that has to match ABC (CF = 10)

        * the third one with MAC address starting with XYZ (CF = 10)

       * Minimum CF = 10

 

Which profiling rule will win ?

 

I hope I am enough clear :)

 

Thank you,

A.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎11-08-2019 08:36 AM

On 1, I would avoid doing that. If you want preventing the profiler feed services updating the profiling policies without you reviewing the changes, you may opt for off-line updates instead. Otherwise, I believe either policy can be matched so it's not deterministic.

On 2, I believe you meant two different profiling policies -- one with 2 rules and the other 3 rules. If the endpoint matched on only the first 2 rules, then same as (1). If the endpoint matched on all three rules, then it will be profiled as the 2nd profiler policy.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎11-08-2019 08:36 AM

On 1, I would avoid doing that. If you want preventing the profiler feed services updating the profiling policies without you reviewing the changes, you may opt for off-line updates instead. Otherwise, I believe either policy can be matched so it's not deterministic.

On 2, I believe you meant two different profiling policies -- one with 2 rules and the other 3 rules. If the endpoint matched on only the first 2 rules, then same as (1). If the endpoint matched on all three rules, then it will be profiled as the 2nd profiler policy.

0 Helpful
Customers Also Viewed These Support Documents