Solved: Will ISE support vulnerability Info coming from FMC/FTD and TALOS?

frbello · ‎06-19-2017

Hi,

As today ISE use 3rd Party to populate vulnerability information in order to create access rules based on endpoint status.

Firepower Management Center and Firepower Threat Defense sensors also have a similar information collected thru Network Discovery process, so it is logical to think we can use this same info also for ISE to create this vulnerability context without relying on a 3rd-party when the customer already has FTD/FMC deployed.

Any comments on that?

Timothy Abbott · ‎06-19-2017

Freddy,

Unfortunately we can't discuss futures in this forum. Today, ISE supports AMP, CTA and Qualys for threat / vulnerability information. The integration between the two systems uses pxGrid for Rapid Threat Containment (RTC). This allows FMC to subscribe to identity information ISE knows about and can also quarantine an endpoint if policy is violated. Ultimately, it is a function of where you want the threat / vulnerability information displayed: ISE or FMC.

Regards,

-Tim

View solution in original post

Timothy Abbott · ‎06-19-2017

Freddy,

Unfortunately we can't discuss futures in this forum. Today, ISE supports AMP, CTA and Qualys for threat / vulnerability information. The integration between the two systems uses pxGrid for Rapid Threat Containment (RTC). This allows FMC to subscribe to identity information ISE knows about and can also quarantine an endpoint if policy is violated. Ultimately, it is a function of where you want the threat / vulnerability information displayed: ISE or FMC.

Regards,

-Tim