Before importing to a production ISE deployment, be sure you have read and understand the following conditions and caveats:
Before importing the profile library to a production ISE deployment, it is highly recommended that you first complete the following tasks:
Backup the ISE configuration database under Administration > System > Backup& Restore, or via CLI.
Optionally, export all current ISE profiles under Policy > Profiling > Profiling Policies > Export > Select All.
Restore current ISE configuration to a lab system and test the import of new profile library. Note resulting profile policy changes to current endpoints which may impact policy assignment in the production deployment.
This library contains approximately 9 new/updated profiles.
This library is based on Profiler Version 3 compatible updates which ensures that only ISE deployments running ISE 2.1 and above can import the library. This is due to the use of probes introduced in ISE 2.1 including the NMAP and AD probes.
Logical Profile creation: ISE does not currently support import or API update of logical profiles. Therefore, it is necessary to manually assign the new profiles to a new or existing logical profile. Each of the profiles do have descriptions which can aid in deciding how to logically group the profiles. Each profile can be a member of more than one logical profile. Logical profiles allow groups of devices to be distinguished in Context Visibility and facilitate the creation of policy rules based on logical groupings versus individual profiles.
This profile library uses the existing Workstation > Microsoft-Workstation profile hierarchy. There is a minor enhancement to the Windows8-Workstation profile. As such, Feed Service updates will not make changes to this profile. If wish to revert to original profile, this can be done by deleting the current version of profile and original Cisco-Provided profile will return in its place.
To install the Windows Embedded-IoT profile library:
Download the Cisco ISE Windows Embedded-IoT Profile library ZIP file
Unzip the ZIP file on your local computer to get the XML file.
In ISE, navigate to Work Centers > Profiler > Profiling Policies
Click Import ()
Choose the Windows Embedded-IoT XML file
Click on Submit.
Wait ~1 minute or less for the Windows Embedded-IoT endpoint profiles to be imported!
Once the endpoint profiles are imported, you may view the list of Windows Embedded-IoT devices by choosing Quick Filter and entering "Windows" under the Profiler Policy Name and "Administrator Created" or "Administrator Modified" under the System Type header. The filters should display the following new or modified profiles:
Hi, I'm installing ISE 2.6 with Anyconnect 4.7 with ISE Posture VPN Posture and Compliance Module 4.3 for posture. But When test PC is connected to NAD, it gets authenticated but Compliance Modue shows message "Byppassing anyconnect scan your network...
Dear Support, We have FMC 2500 appliance where fiber card 10 GB is integrated.we are trying to move the management copper port , to the fiber ports 10 GB. however , if you go to system > configuration > management interfaces , you will onl...
Hello together,I normally use the Cisco AnyConnect Secure Mobility Client to connect to my university's network when I'm working from home.For some time, it hasn't been working any more. As soon as I establish a connection over the VPN client, I can not b...