Solved: ISE TC-NAC - secure endpoint

Simone Stellato · ‎02-06-2024

Hi,

I'm new to ISE world and I actually started few days ago watching the webinar on cisco learning network.

Not sure If I'm getting this right.

Last section i saw was discussing about RTC and TC-NAC.

From what I understood in RTC ISE is doing remediate action, based on pxgrid partner decision, using EPS/ANC.

TC-NAC instead ISE is enriched with context information from pxgrid partner and make is own decision like CoA/ANC. For certain product ANC can be automatic like CVSS decision with Qualys.

I'm not sure if for Secure Endpoint ANC/CoA can be applied automatically or the only way is manually through the GUI.

Hope my question is clear and thanks in advance to who will reply.

Simone

ahollifield · ‎02-07-2024

https://www.cisco.com/c/en/us/td/docs/security/ise/3-2/admin_guide/b_ise_admin_3_2/b_ISE_admin_32_threat_containment.html

Cisco ISE supports the following adapters:

SourceFire FireAMP
Cognitive Threat Analytics (CTA) adapter
Qualys

Note

Only the Qualys Enterprise Edition is currently supported for TC-NAC flows.
Rapid7 Nexpose
Tenable Security Center

View solution in original post

ahollifield · ‎02-07-2024

https://community.cisco.com/t5/security-knowledge-base/ise-security-ecosystem-integration-guides/ta-p/4782363#secure-endpoint

Simone Stellato · ‎02-07-2024

Hi,

thanks for your reply and for posting this resource!

I already saw the documentation but still not sure about the answer to my question.

Could you please help me clarify?

Thanks

ahollifield · ‎02-07-2024

https://www.cisco.com/c/en/us/td/docs/security/ise/3-2/admin_guide/b_ise_admin_3_2/b_ISE_admin_32_threat_containment.html

Cisco ISE supports the following adapters:

SourceFire FireAMP
Cognitive Threat Analytics (CTA) adapter
Qualys

Note

Only the Qualys Enterprise Edition is currently supported for TC-NAC flows.
Rapid7 Nexpose
Tenable Security Center