Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1362
Views
5
Helpful
2
Replies

Multiply access levels based on posture conditions

sergey.dibrov
Level 1
Level 1

‎09-06-2021 11:57 PM

Hello, team.

Is it posible to create multiply level of Autorization based on  Compliance conditions:

if endpoint mets all requiments  - full complience - - assign profile FULL

if endpoint mets requiment 1 only  - assign  profile LIMIT 

How to realese this hierarhy access?

We use ISE 3.1.0

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎09-07-2021 12:21 AM - edited ‎09-07-2021 01:28 AM

Hope that should not be possible i guess. (typo issu)  - worth looking below documents and limitations.

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210523-ISE-posture-style-comparison-for-pre-and.html

 

https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-design-endpoint-attributes

 

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Mohammed al Baqari
Level 11
Level 11

‎09-07-2021 12:35 AM

Hi,

I don't think this is possible. The compliance module will validate all
configured requirements for all matching posture policies and the result
will be compliant , non-compliant or unknown. If one condition is not
matched it will be non-compliance.

Try to raise this as an enhancement request with your account management
for a more granular posture results. Otherwise, having more conditions in
policy set instead of just posture status.

**** please remember to rate useful posts
Customers Also Viewed These Support Documents