Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Overview
Certificate-based authentication provides a more secure method for API clients to authenticate without transmitting passwords.
Certificate-based authentication for API calls was introduced in Cisco ISE Release 3.3 as a new feature. This guid...
Customer is using ISE 3595 VM which by default allocates 64GB of RAM to the VM. They have been monitoring the memory usage on PSN nodes from vCenter and it's mostly using ~1GB. They are interested in turning the 'Turbonomics Memory Management' featur...
`ciscoisesdk` version 2.4.2 added support for certificate-based API authentication.
Here's an example of how to use that:
from ciscoisesdk import IdentityServicesEngineAPI
from ciscoisesdk.exceptions import ApiError
api = IdentityServicesEngineAPI(b...
Please check if MAC address randomization is enabled on the laptop. Currently NAM does not support that option.
https://support.microsoft.com/en-us/help/4027925/windows-how-and-why-to-use-random-hardware-addresses
Normally I'd expect to see PCI vs non-PCI zones segmented by firewall(s) and ISE hosted in a non-PCI zone. In any case, guest portal should not be hosted on ISE that is deployed in PCI zone.
The customer I support also need to comply to PCI regula...
Similar situations have come in the past with OpenSSL vulnerabilities. The process for such situations is that Cisco PSIRT gets notified about third party vulnerabilities and they coordinate patch fix testing for Cisco application with respective BU....
