Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, One customer wants to be audited for PCI DSS compliance. They have c2911 routers as WAN routers. When they do port scanning, obviously there are some ports open as routers are doing natting. As far as I know, port scanning cannot be prevented wit...
Hi all,
Does anyone know if in the last release, ISE can load an attributes library from different vendors? if not, when it will be. One of the major handicaps against its competitors, like Clearpass, if the lack of compatibility with other vendors.
...
Hi all,
I have to design an ISE deployment for 70000 enpoints. Let's assume that we use the 3595 appliance and we want a full HA system. How many ISE nodes do I need?
The designs guides are not clear to me. They jump from 20000 nodes up to 500000 no...
Hello Philip, Thanks for your quick response. Could we get a similar result regarding port scanning with reflexive ACL?I know it is not as powerful as CBAC but we might prevent port scanning tools from seeing open ports. thanks
Hello Martin,
Thanks for your answer. Which vendors are these? Did you got any issue about how the attribute format was sent to the NAS? I've heard that attributes from other vendor can be done, but it is not an easy task to do.
Could you send me so...
Hello,
thank you for your answer, very helpful. But I still have doubts about how ISE scales. According to Cisco with
2 x Admin+Monitor+pxGRID5 x PSNs
Only 20000 users are supported (see file attached). But according to your calculation, we should ...
Hi Amjad, Thanks for you quick response. As you've said, EDCA profiles have different values for the parameters I mentioned. But they are fixed values, I would like to change them to my will for testing purpose. I guess I'll have to look for a differ...
