Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Is there a particular place in the upgrade process to upgrade a pxGrid persona, as long as it's after the secondary admin and an MnT get upgraded? Is there a recommendation for how to handle services using pxGrid during this upgrade process since yo...
Is there a way to apply an automated EPS or ANC policy when an AMP4E event is sent to ISE? Also, when I look in the threat category in my policy set condition attributes, I see attributes for vulnerability scanners, but I don't see any AMP attribute...
Is there a way to apply a patch while you're upgrading an ISE environment? My use case is, if a customer is upgrading from ISE 2.2 to 2.4, they start with their Secondary Admin, Primary Monitoring, then they start upgrading their PSNs. However, dur...
I see that you can apply patches prior to registering PSNs to the upgraded deployment per this document: https://community.cisco.com/t5/security-documents/ise-upgrades-best-practices/ta-p/3656934#toc-hId--718381845
Jason,Thank you for the detailed response. I have one follow-up question, some of the responses have multiple URLs, for example the Endpoint Posture Update Pre2.4 has two links:pre2.4 https://www.cisco.com/web/secure/pmbu/posture-update.xml --> http...
Wouldn't using http leave a security gap because the session wouldn't be encrypted? If I'm an employee using the sponsor portal to register a guest, don't I risk passing my credentials in the clear over the network?Thanks,Matt
Thank you! This was helpful, but do you know if there is a way to pass back a name from the certificate itself, like UPN or CN, and look that up in AD to get group membership(s) to determine which authorization policy to apply?
