This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Environment: ISE 2.2
Currently working on a requirement to check a certain encryption software which is only installed on laptops.
So decided to do the posture check using endpoints profiled based on hostnames, as they have already have a hostname naming scheme devices by type, e.g. Laptops, starts with LT and desktops with DT.
So based on this information I have created this profiling policy:
Using this profiling I was able to profile only 127 endpoints... where as there are thousands that I see out there...
While looking at the Context Visibility -> Endpoints, I see that the host name columns is empty...
Does this mean that there are some more probes that are needed to be enabled (already DNS, DHCP, Active Directory and Radius are enabled on all the PSNs).
The other thing that I see is that, when I check the attributes of an endpoint, I see the attribute Systemname has all the host-name of the endpoint...
I am not able to find this attribute to do the profiling though, any idea where this could be found to do the profiling..?
As expected, the device sensor commands are not enabled on every NAD out there.
The question is that, if these commands are enabled on all NADs, will that have any kind of a performance hit? Performance hit on NADs as well as ISE?