Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
928
Views
5
Helpful
2
Replies

Report based on TLS version used by endpoints

dgaikwad
Level 5
Level 5

‎03-09-2020 02:16 AM

Hello Experts,
I would like to extract reports based on the TLS version being used by the endpoints, as seen here:
Cisco ISE - TLS version.png
But, was not able to locate such a filter on ISE Reporting, any pointers to the same?
Or is this something that cannot be extracted from ISE?

0 Helpful
2 Replies 2

Mike.Cifelli
VIP Alumni
VIP Alumni

‎03-09-2020 06:51 AM

AKAIK there is not a direct report you can run to target that. However, you could run a report on Top N Authentication by Failure Reason, and create a rule like this: Failure reason contains TLS. This would report how many endpoints are failing auth due to TLS issues. Do you use the ise posture module? If so, you could setup a registry check to determine what your hosts are configured to use from a Windows perspective: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan\PPP\EAP\13. That key is specifically applicable to EAP TLS and PEAP. There may be some other keys you could leverage as well. Good luck & HTH!

dgaikwad
Level 5
Level 5
In response to Mike.Cifelli

‎03-11-2020 11:11 PM

Yes, I did try out this way of finding out the endpoints, but this method does not provide an option to extact the report in csv format.
The report generated in graphical format only...

Any workaround to get that report extracted in csv format?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents