This workflow quarantines an endpoint in Cisco Identity Services Engine (ISE) by applying an Adaptive Network Control (ANC) policy.
- The following atomic actions must be imported before you can import this workflow:
- ISE - ERS - ANC Policy - Apply to Endpoint (CiscoSecurity_Atomics)
- The targets and account keys listed below
- Make sure the observable type provided is supported
- Apply the ANC policy to the endpoint
- Set the
ANC Policy Namelocal variable to the name of the ANC policy to apply
- If you want to change the name of this workflow in the pivot menu, change its display name
Note: If your Cisco ISE deployment is on-premise, you will need a SecureX orchestration remote to use ISE with orchestration.
|Target Name||Type||Details||Account Keys||Notes|
|Cisco ISE ERS||HTTP Endpoint||Protocol: |
|Account Key Name||Type||Details||Notes|
|ISE_ERS_Credentials||HTTP Basic Authentication||Username: ISE Username |
Password: ISE Password
|Must have ERS Admin permission|