About manvik

manvik · 03-21-2025

guys pls check the screenshot attached of an ISE patch condition (Win10-Patch Condition.jpg).Does it means ISE posture check whether Windows OS critical patches are up-to-date or BigFix client agent is up-to-date? I had applied this patch condition...

manvik · 03-07-2025

I am using Anyconnect VPN in ASA. ASA is done radius AAA to ISE and then to AD. how can ASA assign different group policy in ASA based on the AD user group. Intention is to assign different IP pool in ASA based on the AD user group (user connecting v...

manvik · 02-27-2025

I have integrated Cisco ISE pxGrid with Cisco FMC. Now, how to send few IP/MAC from Cisco ISE radius authentications to FMC so that the FTD firewall will permit only those IP in the access policy

manvik · 02-06-2025

any method for ISE posture to check whether particular KB are installed in an endpoint windows system. There's no windows WSUS server available too.

manvik · 02-06-2025

how to integrate cisco ISE with BigFix Patch management server. the goal is when a windows endpoint connects to ISE, ISE shd check bigfix patch server whether the endpoint is latest updated.If updated ISE posture permits the endpoint to network.

manvik · 03-26-2025

thank you @Azizi123 commands looks helpful, but how to do Posture from ISE with these commands other powershell script.Powershell might be disabled in most systems.

manvik · 03-26-2025

if you're referring to posture, yes it can be done for Anyconnect VPN.

manvik · 03-23-2025

802.1x is an authentication protocol only. it has no relation with SXP. ISE uses Trustsec/SXP service to inform switches on the SGT tags. Check below doc - https://www.lookingpoint.com/blog/cisco-ise-trustsec-propagation

manvik · 03-23-2025

ISE has many probes for profiling, bet one is radius probe. All the probes are mentioned here - https://community.cisco.com/t5/security-knowledge-base/ise-profiling-design-guide/ta-p/3739456#toc-hId-1115939359You can use http probe, it gives few good...

manvik · 03-23-2025

What is your deployment ?? ISE has any PxGrid integration??ISE can SGT info even for 802.1x users.

Member Since	‎09-15-2015 03:27 AM
Date Last Visited	‎03-28-2025 01:02 AM
Posts	276
Total Helpful Votes Received	62

User Statistics

User Activity

meaning of ISE patch condition

ASA VPN policy based on AD groups

ISE PxGrid with FMC access policy

ISE posture windows update KB

ISE with bigfix patch server

Re: ISE posture for Active Directory join

Re: ISE posture for Active Directory join

Re: Cisco Trustsec Dynamic SGT Assignment

Re: Cisco ISE - Avaya IP Phone with Static IP Profiling

Re: Cisco Trustsec Dynamic SGT Assignment