Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1200
Views
0
Helpful
1
Replies

What method is use in ISE quarantine?

raymondluis13
Level 1
Level 1

‎10-10-2022 11:41 PM

Hi,

So i integrated my Firepower and ISE. I have a policy that trigger the ISE to quarantine or block the user access to my network. All of that work, but it got me curious. What method does ISE use to quarantine endpoint? Is it dynamic ACL? if it dynamic ACL, what happen if the devices not connect to switch that support dynamic ACL?

Thank you

RL
0 Helpful
1 Reply 1

Aref Alsouqi
VIP
VIP

‎10-11-2022 03:49 AM

Not necessarily, ISE can apply whatever action you configure on its quarantine policy, for example, you can return an access deny attribute to the network device, a dACL, change VLAN etc. The network device must support CoA and be able to apply the returned attribute from ISE. The CoA is a key here as that will be used to trigger the session reauthentication which will then associate the configured action to that session.

0 Helpful
Customers Also Viewed These Support Documents