STIGQter: STIG Summary: Cisco ISE NAC Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 13 Apr 2021:

The Cisco ISE must perform continuous detection and tracking of endpoint devices attached to the network.

DISA Rule

SV-242599r714107_rule

Vulnerability Number

V-242599

Group Title

SRG-NET-000512-NAC-002310

Rule Version

CSCO-NC-000250

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the posture settings to enable Continuous Monitoring Interval.

From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Check "Continuous Monitoring Interval" and define an interval to enable continuous monitoring.
3. Choose "Save".

Check Contents

Review the posture settings to ensure Continuous Monitoring Interval is enabled and a value configured.

From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Verify that "Continuous Monitoring Interval" is enabled and an interval configured.

If "Continuous Monitoring Interval" is not enabled with an interval defined, this is a finding.

Vulnerability Number

V-242599

Documentable

False

Rule Version

CSCO-NC-000250

Severity Override Guidance

Review the posture settings to ensure Continuous Monitoring Interval is enabled and a value configured.

From the Web Admin portal:
1. Choose Work Centers >> Posture >> Settings >> Posture General Settings.
2. Verify that "Continuous Monitoring Interval" is enabled and an interval configured.

If "Continuous Monitoring Interval" is not enabled with an interval defined, this is a finding.

Check Content Reference

M

Target Key

5383

Comments