For endpoints that require automated remediation, the Cisco ISE must be configured to redirect endpoints to a logically separate VLAN for remediation services. This is required for compliance with C2C Step 4.

An XCCDF Rule