04-15-2021 05:25 AM
Hi,
if NMAP is used for Profiling devices is there some kind of interval which reruns the scan to check if the device is still the same.
I know there is some kind of overload protection for the Node but is there some kind of verification like (if nmap last scan time is older than x) to ensure the scan did not run to often against a single MAC.
Solved! Go to Solution.
04-15-2021 06:04 AM
NMAP Scans for Unknown MAC Address while probing - you can do manual probing also. it all depends how you configure, some reference .
05-13-2021 02:06 PM
ISE should only perform an NMAP scan once per authentication.
It's purpose is to authenticate and profile devices upon connection - not to be a vulnerability scanner.
You should use a different security service for ongoing port detection and vulnerability scanning.
04-15-2021 06:04 AM
NMAP Scans for Unknown MAC Address while probing - you can do manual probing also. it all depends how you configure, some reference .
05-13-2021 02:06 PM
ISE should only perform an NMAP scan once per authentication.
It's purpose is to authenticate and profile devices upon connection - not to be a vulnerability scanner.
You should use a different security service for ongoing port detection and vulnerability scanning.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide