Manuals+

Cisco ISE Endpoint Profiling Policies

Introduction to Endpoint Profiling

The Cisco Identity Services Engine (ISE) profiling service is a key component for identifying and categorizing devices connected to your network. By leveraging various network probes and predefined policies, Cisco ISE can accurately profile endpoints, enabling granular control over network access and resource allocation. This document serves as a guide to understanding and implementing these profiling policies within your Cisco ISE environment.

Key Features and Capabilities

The Cisco ISE profiling service offers a robust set of features designed to enhance network visibility and security:

  • Endpoint Identification: Accurately identifies and classifies endpoints regardless of their type or operating system.
  • Policy Enforcement: Enforces access policies based on endpoint profiles, ensuring compliance and security.
  • Network Visibility: Provides a centralized dashboard for monitoring endpoint status, profiles, and network activity.
  • Probe Integration: Supports various network probes, including NetFlow, DHCP, HTTP, SNMP, NMAP, and pxGrid, to gather comprehensive endpoint attributes.
  • Customization: Allows for the creation of custom profiling policies and conditions to meet specific network requirements.

Getting Started with Profiling

To effectively utilize the Cisco ISE profiling service, administrators can configure various settings and probes through the Cisco ISE interface. This includes setting up network probes, defining endpoint attributes, and creating profiling policies. For detailed configuration steps and best practices, please refer to the relevant sections within this document.

For further information on Cisco products and solutions, visit Cisco's official website.

PDF preview unavailable. Download the PDF instead.

b ise admin guide 20 chapter 010100 DITA Open Toolkit XEP 4.9 build 20070312; modified using iText 2.1.7 by 1T3XT

Related Documents

Preview Configuring RADIUS on Cisco Devices: A Comprehensive Guide
This guide provides network administrators with essential information for configuring RADIUS (Remote Authentication Dial-In User Service) on Cisco networking equipment, covering prerequisites, restrictions, operation, and Change of Authorization (CoA).
Preview Cisco IOS RADIUS Configuration Guide: Secure Network Access & AAA
Comprehensive guide to configuring RADIUS on Cisco IOS for robust network security, authentication, authorization, and accounting (AAA). This document covers RADIUS attributes, server groups, load balancing, and advanced features for network administrators.
Preview Cisco IOS XE Cupertino 17.9.x Security Configuration Guide for Catalyst 9600 Switches
Comprehensive guide to configuring security features for Cisco IOS XE Cupertino 17.9.x on Catalyst 9600 Switches, covering authentication, authorization, access control, and more.
Preview Cisco Identity Services Engine Administrator Guide, Release 2.3
A comprehensive guide to administering the Cisco Identity Services Engine (ISE), covering features, deployment, management, and security.
Preview Cisco Secure Client (AnyConnect) Administrator Guide: Release 5
Comprehensive guide for administrators on deploying, configuring, and managing Cisco Secure Client, including AnyConnect VPN, for secure remote access. Covers deployment methods, endpoint preparation, module management, and session configurations for various operating systems.
Preview Security Configuration Guide for Cisco IOS XE Dublin 17.12.x (Catalyst 9300 Switches)
This guide provides comprehensive instructions and best practices for configuring the security features of Cisco IOS XE Dublin 17.12.x on Catalyst 9300 Series Switches. It covers topics such as password management, privilege levels, authentication methods (AAA, RADIUS, TACACS+), authorization, and accounting.
Preview Configuring DHCP Services for Accounting and Security
Learn how to configure DHCP services for enhanced security and accounting in Cisco IOS XE networks. This guide covers AAA/RADIUS integration, IP spoofing prevention, ARP security, and DHCP lease management for Public Wireless LANs and other network implementations.
Preview Cisco ISE Device Administration Guide
This document provides a comprehensive guide to configuring and managing device administration using Cisco Identity Services Engine (ISE) with the TACACS+ security protocol. It covers setup, policy creation, command authorization, and monitoring.