About PRANetworkTeam

PRANetworkTeam · 10-06-2022

Hello Cisco brains, I recently deployed Cisco ISE (3.1P3) and I'm running into an issue with Anomalous Behavior and Detection. I understand that in order for ISE to trigger an anomaly, it must hit the following:NAS-Port-Type - Determines if the acces...

PRANetworkTeam · 10-14-2022

Yes. It turns out the team that manages QRadar had an error in their setup, and they resolved it. I would hope that the TCPDUMP would cover the UDP traffic to at least prove that I am sending the logs.

PRANetworkTeam · 10-11-2022

Thanks for the input! @ahollifield . The goal is to keep things as simple as possible without restricting access to deploying new machines. These options helped confirm our thought process as well.

PRANetworkTeam · 10-06-2022

@ahollifield That would be an easy way out however our Security Team wants us to enable ISE on all ports. Unfortunately having a select group of ports on the network open is not an option.

Member Since	‎01-16-2017 11:51 AM
Date Last Visited	‎09-26-2025 10:38 AM
Posts	5

User Statistics

User Activity

Cisco ISE Anomalous Behavior dhcp-class-identifier Imaging Issue

Re: Cisco ISE Syslog Target Capture

Re: Cisco ISE Anomalous Behavior dhcp-class-identifier Imaging Issue

Re: Cisco ISE Anomalous Behavior dhcp-class-identifier Imaging Issue