cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

How To: ISE and ASA Integration using CoA for Posture

21279
Views
7
Helpful
5
Comments

This paper will focus on Identity Services Engine (ISE) ability to determine the endpoint state by doing a posture assessment. Before the release of ASA 9.2.1 VPN users requiring posture functionality required an Inline Posture Node (IPN) between the VPN infrastructure and the LAN protected network. With the release of ASA 9.2.1 we now have the ability to enforce policy the ASA and ISE has the ability to send a “policy push” after a posture assessment has taken place.

Comments
Beginner

Is there an update for the document for ISE 2.2?

Cisco Employee

Nothing has changed for ISE 2.2.

The fundamentals should remain the same.

Let us know if something no longer applies or is correct.

Beginner

On page 18, the should the NACagent 4.x continue to be used? This was replaced by ISE posture, right?

Cisco Employee

Right, AnyConnect with the Compliance module.

Please see How To Configure Posture with AnyConnect Compliance Module and ISE 2.0

Beginner

Thanks, this is helpful.