Hello,
I would like to use a DACL in my ISE deployment to more secure networked printers.
I am currently at ISE 2.4 patch 8. I have a two-node deployment which has been working well.
I am now allowing printers onto the network by adding them to a Endpoint Identity group and then allowing that group network access.
I would like to be more secure than what I am doing now. I have considered certificates but because of the number of printers (about 110) and the variety of printer manufacturers I believe this would be very difficult.
I am now considering adding a DACL to more secure the printers. I have a DACL already created for the Printers Authorization Profile but it is simply "Permit IP any any".
I have researched and I would need to allow only certain ports (515 and 9100) and maybe others.
Can someone direct me to a sample of what a Printer DACL would look like?
