08-18-2014 08:55 AM - edited 03-10-2019 09:56 PM
does ISE need to communicate directly with EndPoint (supplicant), in order to profile the endpoint or the communication with the WLC (authenticator) is good enough, I need to get the firewall ports opened accordingly.
Thank you
08-18-2014 01:30 PM
This would depend on the type of profiling and profiling probes that you would want to use. For instance, DHCP and Radius information would come from the NADs while NMAP and endpoint discovery would be hitting the client directly.
Thank you for rating helpful posts!
09-18-2014 09:13 AM
Mostly NADs collect the probe data for ISE , how these Network Probes Used by Profiling Service explained here
http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_prof_pol.html#pgfId-2059677
http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/installation_guide/ise_ig/ise_app_c-ports.html
09-23-2014 01:26 PM
Exactly it depends on the type of probes used to get the raw data for profiling.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: