cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1321
Views
0
Helpful
2
Replies

NMAP Profiler Details

paul
Level 10
Level 10

I am doing an ISE install at a large hospital and they are concerned about the NMAP profilers effect on some of their legacy medical equipment.  I have done 75-100 installs at all sorts of customers including hospitals and manufacturing environment and have never had an issue with the selective NMAP scans ISE uses.  However, the customer would like more detail on exactly what the NMAP scan will be doing. 

I believe the default NMAP scan in 2.x is SNMP + OS scan.  So the SNMP port check is easy to explain, but what is involved in the OS scan?  If ISE is using the standard NMAP process under the covers what switches (options) are run for the OS detection?

I am not worried about ISE causing an issue, but I need to provide details as the customer has had other products like Qualys take down their PAX system.

Thanks.

1 Accepted Solution

Accepted Solutions

Thanks!

I also found the base command used in the admin guide:

nmap -O -sU -p U:161,162 –oN

View solution in original post

2 Replies 2

hslai
Cisco Employee
Cisco Employee

Yes, you are correct ISE is using the open-source NMAP utility for this. How To: ISE Profiling Design Guide has the info and this  is still true for ISE 2.x.

Thanks!

I also found the base command used in the admin guide:

nmap -O -sU -p U:161,162 –oN