Scribd
Upload
169 views1 page

ISE Profiling Design Guide - Profiling Services Global Configuration, Probe Setup, Device Integration

The document provides guidance on configuring profiling services in Cisco ISE. It recommends reviewing the details of each probe to determine which to enable for intended purposes without excessive data collection. The profiling configuration is currently unique to each Policy Service Node (PSN) but in most deployments each PSN should have identical settings, except the pxGrid Probe which should be enabled on a subset of nodes and certain probes may only apply to specific PSNs serving certain locations.

Uploaded by

Janek Podwala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
169 views1 page

ISE Profiling Design Guide - Profiling Services Global Configuration, Probe Setup, Device Integration

The document provides guidance on configuring profiling services in Cisco ISE. It recommends reviewing the details of each probe to determine which to enable for intended purposes without excessive data collection. The profiling configuration is currently unique to each Policy Service Node (PSN) but in most deployments each PSN should have identical settings, except the pxGrid Probe which should be enabled on a subset of nodes and certain probes may only apply to specific PSNs serving certain locations.

Uploaded by

Janek Podwala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

27/09/2020 ISE profiling design guide: profiling services global configuration, probe setup, device integration

Recommended Content

ows, it has visibility into the decrypted HTTPS data.


Even when the HTTP probe is disabled on the PSN, the
node will parse the browser user agent string from the
web trac and correlate the data to the endpoint based
on its associated session ID. When browser strings are
collected through this method, the source of the data is
listed as Guest Portal or CP (Client Provisioning) rather
than HTTP Probe. More details on the HTTP Probe are
provided later in this guide.

Be sure to review the details of each probe in this guide


for guidance on which probes to enable and for what
purpose. In general, it is not recommended to congure
all probes, especially in a production deployment, as this
may result in excessive data collection than is required to
achieve the desired goal.

The Proling Conguration is currently unique to each


PSN. In most deployments, each PSN should be
congured with identical Proler Conguration settings.
A couple exceptions to this general rule include

The pxGrid Probe should be enabled on only a subset


of PSNs, typically no more than two nodes. More
details can be found under the pxGrid Probe section
Specic probes may be applicable to PSNs servicing
particular locations or sections of the network. For
example, if PSNs serving a group of network devices
support Device Sensor, then it may not be necessary
to enable other probes that collect the same set of
attributes. Another example would be to perform
discovery only using the SNMP probes prior to the
enablement of RADIUS at a new location. This would
allow an administrator to gain visibility into the network
prior to any network authentication being congured.
Similarly, it may be desirable to dedicate a node for
data center visibility even though RADIUS-based
authentication is not planned for server farms
https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-profiling-design 1/1

You might also like