Thanks for reply... Like I mention earlier - in my environment are two types of devices: - dot1x authenticated (no problem with that), - MAB authenticated. In ISE 1.x releases MAB authentication was very clear - if MAC address exist in ISE Internal Database (with policy and group assignment (IP-Phone,CiscoIPPhone), then device was successfully authenticated by switch and get access to network. In ISE 2.x MAC addresses appears in ContextVisibility with assignment Unknown/Unknown - mentioned auto profilng. So what with authentication - it should be possible only after adding static assignment to group/policy? Case: In last month, after ransomware attack, I try to find all MAC addresses belong to Guests PC. Part of them was added to static group X, part to Y and maybe something was added by mistake to other group. So I have exported all addresses (export csv function in Context Visibility/Identity Endpoint), find suspected entries and one by one find them in ContextVisibility, select and delete. But after that, those devices was still able to authenticated in network (find them in Identity Group) Generally I'm not sure how to correctly add/remove MAC in Internal Database. And extra question - it is possible to turn off auto profiling/adding mac to ISE?
... View more
Hello, I'm looking for help. After update to latest version of ISE 2.2 with latest Patch I have a lot of problems with adding/deleting MAC address in Internal Endpoint. Where is correct place or how I should manage MACs. I use lot of MAB devices and need to add/remove few entries per day. How to achive this? In version 1.3 was simple - add MAC to specific group. Since version 2.X there is a Context Visibility Page where I was able to add/delete MAC address. Also in version 2.X appear new functionality - new MAC addresses of devices appear on Context Visibility, after this I have edit them and assign to correct group. Now I have problem with ElasticSearch (opened TAC), and only working method is importing new entries with CSV. But how to find specific MAC and delete it???
... View more