This workflow removes an endpoint from quarantine in Cisco Identity Services Engine (ISE) by clearing its ANC Policy assignments.
- The following atomic actions must be imported before you can import this workflow:
- ISE - ERS - ANC Policy - Clear from Endpoint (CiscoSecurity_Atomics)
- The targets and account keys listed below
- Make sure the observable type provided is supported
- Clear the ANC policies from the endpoint
- If you want to change the name of this workflow in the pivot menu, change its display name
Note: If your Cisco ISE deployment is on-premise, you will need a SecureX orchestration remote to use ISE with orchestration.
|Target Name||Type||Details||Account Keys||Notes|
|Cisco ISE ERS||HTTP Endpoint||Protocol: |
|Account Key Name||Type||Details||Notes|
|ISE_ERS_Credentials||HTTP Basic Authentication||Username: ISE Username |
Password: ISE Password
|Must have ERS Admin permission|