This document is for Cisco Engineers and customers deploying Cisco Threat Centric NAC using Cisco Advanced Malware Protection (AMP) for Endpoints in the Cloud (FireAMP v5.3.2016072523 or greater) with Cisco Identity Services Engine (ISE) 2.1. ISE needs an APEX license for the ability to subscribe to the Cloud AMP for Endpoints.
Cisco AMP for Endpoint integration does not use Cisco platform Exchange Grid (pxGrid) for ISE integration, instead it uses Structured Threat Information Expression (STIX). STIX is an information exchange language and used to exchange cyber threat intelligence with organizations. It allows a common framework for organizations to share cyber threat information and adapt quicker to computer-based attacks.
Cisco Threat Centric NAC using Cisco AMP for Endpoints in the Cloud also falls into the Rapid Threat Containment category. Cisco Security Solutions and Ecosystem and CSTA partner solutions that fall into this category use Adaptive Network Control (ANC) mitigation actions to respond to or contain threats by issuing mitigation actions either from pxGrid, ISE EPS RESTful API or STIX.
I decided to post something that may be useful to others looking at the Single Click Sponsor Portal Functionality in ISE 2.2+. I had a weird issue in our environment where some sponsors were able to use the tokenized single-click link from their ema...
Hello Cisco Community, We recently check in the VPN the communication is not working well.We received these errors: Group = x.x.x.x, IP = x.x.x.x, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 172.29.180.0/255...
What is the purpose of Stealthwatch domains? What I was hoping it would do is isolate Flow Collectors, alarms, policies, etc., but it doesn't look like this is the case; at least in the Web UI. -Thanks
ASA 9.8.3I'm trying to setup certificate-based authentication for AnyConnect and running into errors "CRYPTO_PKI: No Tunnel Group Match for peer certificate. CERT_API: Unable to find tunnel group for cert using rules (SSL)" AND "CRYPTO_PKI: No suita...
What happens if you try and load ISE 2.4 code on a 3495? Are there any warnings or preventions?
Also, will the URT tool flag you if you try and upgrade a 3495 to 2.4 when you run URT on it?
I had a customer load 2.4 on a 3495 and I ...