Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Cisco ISE NAC Security Technical Implementation Guide
SRG-NET-000512-NAC-002310
SRG-NET-000512-NAC-002310
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-NET-000512-NAC-002310
1 Rule
<GroupDescription></GroupDescription>
The Cisco ISE must have a posture policy for posture required clients defined in the NAC System Security Plan (SSP). This is required for compliance with C2C Step 2.
High Severity
<VulnDiscussion>Posture assessments can reduce the risk that clients impose on networks. The posture policy is the function that can link requirements to applicable clients. Multiple requirements can be associated with a single policy. However, multiple polices can also be applicable to the same client. The posture policy operates in such a way that all applicable policies are applied, versus the top-down first match approach.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>