Hello,
I want to know what additional mitigation action can Stealthwatch do once I have integrated the ISE.
I know I can manually enforce the Adaptive Network Control Policy from the Stealthwatch web console and use the TrustSec Tags as search attributes from this document.
But I really want to confirm if the ANC policy can be automatically enforced once some alarms / anomalies has been detected. I knew similar question has been answered in this post 2 years ago, but what about the recent version of Stealthwatch??
The newest Console User's Guide still say the Java console can work with ASA and routers to bring out automatic mitigation,
it would be really strange the newer Cisco FTD is not included and the ISE mitigation is manual only.
Thank you.
