Lab Minutes Forum

Technical Discussion => Security => Topic started by: Administrator on March 31, 2021, 10:59:29 PM

Title: Device Profiling on behalf of Christopher L
Post by: Administrator on March 31, 2021, 10:59:29 PM
I am trying to build a Cat3850 as a device sensor and want to use radius only with ISE to both profile and authenticate... is this possible. I don't want CDP, add my ISE through ip helper or enable SNMP... Can ISE be configured without this additional means. I am in a high security area and don't want this integration between the NAD and the ISE
Title: Re: Device Profiling on behalf of Christopher L
Post by: Administrator on March 31, 2021, 11:04:00 PM
You can certainly use RADIUS probe only for profiling by not enabling SNMP poll or configure IP helper but ISE may not have enough information to accurately identify the device. Enabling device-sensor will collect CDP/DHCP info unless a filter is configured. Here is more info

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html
SimplePortal 2.3.7 © 2008-2024, SimplePortal