Before importing to a production ISE deployment, be sure you have read and understand the following conditions and caveats:
This library contains approximately 11 new profiles.
This library is based on Profiler Version 4 compatible updates which ensures that only ISE deployments running ISE 2.4 and above can import the library. This is due to the fact that profiles are based on the new pxGrid Probe introduced in ISE 2.4.
Logical Profile creation: ISE does not currently support import or API update of logical profiles. Therefore, it is necessary to manually assign the new profiles to a new or existing logical profile. Each of the profiles do have descriptions which can aid in deciding how to logically group the profiles. Each profile can be a member of more than one logical profile. Logical profiles allow groups of devices to be distinguished in Context Visibility and facilitate the creation of policy rules based on logical groupings versus individual profiles.
To install, the IND endpoint profile library:
Download the Cisco ISE IND IoT Profile library ZIP file
Unzip the ZIP file on your local computer to get the XML file.
In ISE, navigate to Work Centers > Profiler > Profiling Policies
Click Import ()
Choose the IND XML file
Click on Submit.
Wait ~1 minute or less for the IND endpoint profiles to be imported!
Once the endpoint profiles are imported, you may view the list of IND devices by choosing Quick Filter and entering "IoT-" under the Profiling Policy Name header. There will be two main categories:
IoT-DeviceType - Corresponds to unique IND Device Types
IoT-Protocol-Device - Corresponds to the unique IoT/OT Protocol used by the device
Hi, We are migrating from ACS to ISE for our device authentication via SSH. I have noticed when we use the ACS server after the user enters their username we get a "Tacacs+" prompt next to the password promtp, so we know we need to enter Tacacs rathe...
In our environment we have Juniper and Aruba WLCs that have been deployed and configured both types with their respective Device Profile Types. All the Junipers are placed in 1 Network Group Location where the policy set is configured to allow a...
I am creating a IPSec IKEv1 client access VPN on a ASA 5516x to allow clients to VPN in using the native Windows 10 vpn.I have created the profile which works perfectly with local user authentication, but if I switch it across to the Radius profile I am g...