
The Cisco ISE must perform continuous detection and tracking of endpoint devices attached to the network. This is required for compliance with C2C Step 1.


Overview

Finding ID: V-242599
Version: CSCO-NC-000250
Rule ID: SV-242599r812780_rule
IA Controls:
Severity: Medium
Description
Continuous scanning capabilities on the Cisco ISE provide visibility of devices that are connected to the switch ports. The Cisco ISE continuously scans networks and monitors the activity of managed and unmanaged devices, which can be personally owned or rogue endpoints. Because many of today's small devices do not include agents, agentless discovery is often combined with agent-based discovery to cover more types of equipment.
STIG: Cisco ISE NAC Security Technical Implementation Guide
Date: 2022-09-14

Details

Check Text (C-45874r812779_chk)
If DoD is not at C2C Step 1 or higher, this is not a finding.

If not required by the NAC SSP, this is not a finding.

Review the posture settings to ensure "Continuous Monitoring Interval" is enabled and a value is configured.

From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Verify that "Continuous Monitoring Interval" is enabled and an interval is configured.

If "Continuous Monitoring Interval" is not enabled with an interval defined, this is a finding.
Fix Text (F-45831r803562_fix)
If required by the NAC SSP, configure the posture settings to enable Continuous Monitoring Interval.

From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Check "Continuous Monitoring Interval" and define an interval to enable continuous monitoring.
3. Choose "Save".