Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
1
Helpful
2
Replies

Posturing requirements

ymadheka
Level 4
Level 4

‎05-16-2018 11:42 PM

Hi Team,

We are working on an opportunity of NAC solution and have queries unanswered as below:


  • Control on endpoint by posture scan for USB connected devices e.g. printer or scanners or NAS box. The use case for example is that the customer has a limit on number of prints sent to network printer and in case a USB connected printer is used then it should be restricted for use.
  • Control on endpoint by posture scan for VM hosted on endpoint . for example if a user has hosted virtual machine on endpoint & tries to infect/send malicious files from that endpoint, so customer needs to restrict such activity by per-scanning endpoint using posturing
  • Control on endpoint by posture scan for portable executable like torrent or FTP servers


Kindly advise on the above mentioned points.


Regards,

Yogesh

0 Helpful
2 Replies 2

Jason Kunst
Cisco Employee
Cisco Employee

‎05-17-2018 04:23 AM

None of these are available , please see admin guide for list of checks

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_011001.html#ID443

Customer can restrict applications installed perhaps with a management system like SCCM perhaps? Then validate compliance with anyconnect posture that SCCM is compliant? Not sure of external vendor capabilities

0 Helpful

Jason Kunst
Cisco Employee
Cisco Employee

‎05-17-2018 04:26 AM

Please keep in mind if you know what applications you want to restrict then with ISE 2.3 and latest anyconnect you can write policies that block access to network if those applications services are running for example

Default_AppVis_Policy_Win

Customers Also Viewed These Support Documents