Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All, May I have a confirmation if Temporal agent on ISE supports windows hotfix check? It says below that web agent for windows supports but temporal agent for windows doesn't;
However, isn't temporal agent the same as the web agent for windows...
Hi All,We’re currently in a conversation with an Aruba ClearPass customer who would like to leverage on their existing CP’s 802.1x authentications for our ISE-PIC/FMC identity NGFW solution.We’d like to know if the custom pre-defined ClearPass syslog...
Hi all,Customer has security audit requirements and their audit team is asking my customer to prove that all these services with vulnerabilities to be shut down.Understand that we can turn off TLS 1.0 and 1.1 on ISE 2.2P2 but we're still unsure how d...
Hi All,May I confirm that currently the supported use-case for 3rd party VPN concentrator are only for AAA services if they are able to support these radius attributes:AAA Attributes for Third-Party VPN Concentrators For VPN concentrators to integrat...
Hi All,I'll just like to confirm that my understanding of how encryption is currently done for TACACS+ users in ISE 2.2 Internal Identity Store:With reference to this link: http://pmbuwiki.cisco.com/Products/ISE/Technical/Security#How_is_information_...
Hi Jason,
Thank you so much again for the prompt reply. May I also confirm if there's a procedure to check/ensure the windows endpoint is always up-to-date in regards to the patches and not just file checks on individual hotfixes?
Hi Jason,
Thank you for the prompt response.
Perhaps I should rephrase my question.
As of ISE2.1, can we confirm that the web agent supports windows hotfix checks? It’s stated as yes in the 2.1 documentation: https://www.cisco.com/c/en/us/td/docs/...
Thanks a lot Hslai, would there be any documentation that we could show to user's compliance audit team to convince them that ISE is not impacted by SSHv2 vulnerabilities sine we only accept connections from SSH v2 clients. Would be good if there's a...
Hi Charles,Actually that is the exact documentation that the customer is referring to as a hardening guide. They are upset that it's the advise of that specific documentation to follow the Prime Infra Admin guide, which in turn advise for turning off...
