The Cisco ISE must perform continuous detection and tracking of endpoint devices attached to the network. This is required for compliance with C2C Step 1.
An XCCDF Rule
Description
Continuous scanning capabilities on the Cisco ISE provide visibility of devices that are connected to the switch ports. The Cisco ISE continuously scans networks and monitors the activity of managed and unmanaged devices, which can be personally owned or rogue endpoints. Because many of today's small devices do not include agents, agentless discovery is often combined to cover more types of equipment.
Documentable: false
- ID: SV-242599r812780_rule
- Severity: Medium
- References
- Updated
Remediation - Manual Procedure
If required by the NAC SSP, configure the posture settings to enable Continuous Monitoring Interval.
From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Check "Continuous Monitoring Interval" and define an interval to enable continuous monitoring.
3. Choose "Save".