About manvik

manvik · 04-14-2025

has anyone done WSA onprem to umbrella SIG migration. How to get the Identification Profiles, Access Policies from WSA migrated to Umbrella SIG.What config changes to be done in Endpoint for the new Umbrella SIG proxy control to be effective.

manvik · 03-21-2025

guys pls check the screenshot attached of an ISE patch condition (Win10-Patch Condition.jpg).Does it means ISE posture check whether Windows OS critical patches are up-to-date or BigFix client agent is up-to-date? I had applied this patch condition...

manvik · 03-07-2025

I am using Anyconnect VPN in ASA. ASA is done radius AAA to ISE and then to AD. how can ASA assign different group policy in ASA based on the AD user group. Intention is to assign different IP pool in ASA based on the AD user group (user connecting v...

manvik · 02-27-2025

I have integrated Cisco ISE pxGrid with Cisco FMC. Now, how to send few IP/MAC from Cisco ISE radius authentications to FMC so that the FTD firewall will permit only those IP in the access policy

manvik · 02-06-2025

any method for ISE posture to check whether particular KB are installed in an endpoint windows system. There's no windows WSUS server available too.

manvik · 04-22-2025

existing WSA won't be used anymore. It wd be decommissioned.I think hybrid policy wont work here. Other than manually creating the policies in umbrella, any other mechanism to migrate?

manvik · 04-09-2025

this is the guide to licensing - https://www.cisco.com/c/en/us/td/docs/security/threat_grid/admin-guide/v2-11/b_threat-grid-admin-guide/m_configuration-admin-ui.html#task_u1c_pwl_tkb

manvik · 03-26-2025

thank you @Azizi123 commands looks helpful, but how to do Posture from ISE with these commands other powershell script.Powershell might be disabled in most systems.

manvik · 03-26-2025

if you're referring to posture, yes it can be done for Anyconnect VPN.

manvik · 03-23-2025

802.1x is an authentication protocol only. it has no relation with SXP. ISE uses Trustsec/SXP service to inform switches on the SGT tags. Check below doc - https://www.lookingpoint.com/blog/cisco-ise-trustsec-propagation

Member Since	‎09-15-2015 03:27 AM
Date Last Visited	‎04-22-2025 04:50 AM
Posts	279
Total Helpful Votes Received	63

User Statistics

User Activity

WSA to Umbrella Migration

meaning of ISE patch condition

ASA VPN policy based on AD groups

ISE PxGrid with FMC access policy

ISE posture windows update KB

Re: WSA to Umbrella Migration

Re: ThreatGrid license

Re: ISE posture for Active Directory join

Re: ISE posture for Active Directory join

Re: Cisco Trustsec Dynamic SGT Assignment