Cisco ISE and K1000 AMP Agent settings needed
We use Cisco ISE and ports 80 and 443 are redirected so that anyone connecting to our network cannot access anything until a posture assessment has been performed (NAC). We have allowed port 52230, and I can see the clients are being accessed in KACE, but I cannot execute scripts/patches/inventory on these clients until I physically logon and allow the clients to clear NAC.
Can anyone with both KACE and Cisco ISE please guide me on the best way to resolve this issue? I don't think I can get 80/443 open, unless there is a equally secure way like we have them now.
Thanks!
-Darren
Can anyone with both KACE and Cisco ISE please guide me on the best way to resolve this issue? I don't think I can get 80/443 open, unless there is a equally secure way like we have them now.
Thanks!
-Darren
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
SMal.tmcc
8 years ago
you need 80 or 443 for the client to check in with
here is a list of what the k1 needs to certain things
https://support.software.dell.com/kb/111775
here is a list of what the k1 needs to certain things
https://support.software.dell.com/kb/111775
Comments:
-
Is there a way to use either of those ports and have the same functionality? What I mean is, how can we have the same level of security with those ports allowed in ISE? - dsykes 8 years ago
-
we do not use cisco here, but we only have 443 and 52230 open and our clients check in from the outside. - SMal.tmcc 8 years ago
