09-26-2022 06:11 AM
I have started the process of integrating ISE and Tenable to allow ISE to trigger scans on endpoints based on how long its been since the last scan. Now that I have some results I am wondering if I can craft policy sets so that a device is allowed access based on a plugin-id. I can see that their are dictionary attributes that allow me to add a CVSS score outcome to the policy set matrix but sometimes that may be a little too much of a cleaver action. For example currently we are still supporting legacy webapps that require IE which is listed as a CVSS score of 10 by tenable so I would want to say something like device has a score of ten but not because of the plugin id for having IE installed.
Solved! Go to Solution.
10-01-2022 03:10 PM
As you have seen you may use any of the attributes at your disposal to craft an authorization rule with CVSS score. I don't know what the "plugin id" is that you are referring to but if it is available in a RADIUS attribute from Tenable or other source then it could be used.
10-01-2022 03:10 PM
As you have seen you may use any of the attributes at your disposal to craft an authorization rule with CVSS score. I don't know what the "plugin id" is that you are referring to but if it is available in a RADIUS attribute from Tenable or other source then it could be used.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide