has anyone done WSA onprem to umbrella SIG migration. How to get the Identification Profiles, Access Policies from WSA migrated to Umbrella SIG.What config changes to be done in Endpoint for the new Umbrella SIG proxy control to be effective.
guys pls check the screenshot attached of an ISE patch condition (Win10-Patch Condition.jpg).Does it means ISE posture check whether Windows OS critical patches are up-to-date or BigFix client agent is up-to-date?
I had applied this patch condition...
I am using Anyconnect VPN in ASA. ASA is done radius AAA to ISE and then to AD.
how can ASA assign different group policy in ASA based on the AD user group. Intention is to assign different IP pool in ASA based on the AD user group (user connecting v...
I have integrated Cisco ISE pxGrid with Cisco FMC. Now, how to send few IP/MAC from Cisco ISE radius authentications to FMC so that the FTD firewall will permit only those IP in the access policy
existing WSA won't be used anymore. It wd be decommissioned.I think hybrid policy wont work here. Other than manually creating the policies in umbrella, any other mechanism to migrate?
this is the guide to licensing - https://www.cisco.com/c/en/us/td/docs/security/threat_grid/admin-guide/v2-11/b_threat-grid-admin-guide/m_configuration-admin-ui.html#task_u1c_pwl_tkb
thank you @Azizi123 commands looks helpful, but how to do Posture from ISE with these commands other powershell script.Powershell might be disabled in most systems.
802.1x is an authentication protocol only. it has no relation with SXP.
ISE uses Trustsec/SXP service to inform switches on the SGT tags. Check below doc - https://www.lookingpoint.com/blog/cisco-ise-trustsec-propagation