cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
527
Views
0
Helpful
1
Replies

Tenable ISE Integration

blackhawk127
Level 1
Level 1

I have started the process of integrating ISE and Tenable to allow ISE to trigger scans on endpoints based on how long its been since the last scan.  Now that I have some results I am wondering if I can craft policy sets so that a device is allowed access based on a plugin-id.  I can see that their are dictionary attributes that allow me to add a CVSS score outcome to the policy set matrix but sometimes that may be a little too much of a cleaver action.  For example currently we are still supporting legacy webapps that require IE which is listed as a CVSS score of 10 by tenable so I would want to say something like device has a score of ten but not because of the plugin id for having IE installed.

1 Accepted Solution

Accepted Solutions

thomas
Cisco Employee
Cisco Employee

As you have seen you may use any of the attributes at your disposal to craft an authorization rule with CVSS score. I don't know what the "plugin id" is that you are referring to but if it is available in a RADIUS attribute from Tenable or other source then it could be used.

View solution in original post

1 Reply 1

thomas
Cisco Employee
Cisco Employee

As you have seen you may use any of the attributes at your disposal to craft an authorization rule with CVSS score. I don't know what the "plugin id" is that you are referring to but if it is available in a RADIUS attribute from Tenable or other source then it could be used.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: