ISE 2.1 - Configuration of AMP & ISE Integration

June 7, 2016

Security

This post is going to go over the integration of ISE 2.1 and AMP for Endpoints. ISE 2.1 introduces the concept of a "Threat Centric NAC" which allows you to configure vulnerabiltiy and threat adapters to send high fidelity Indicators of Compromise (IoC), Threat Detected events, and CVSS scores to ISE so that threat-centric access policies can be created to change the privilege of the endpoint accordingly.

Katherine McNamara

June 5, 2016

Security

StealthWatch Host Groups Part 1

Katherine McNamara

June 5, 2016

Security

In this post, I'm going to go over host groups and why they're so critical to the StealthWatch system. Using host groups correctly in the StealthWatch system will ensure that you're alerted correctly on events and that the information given to you is more relevant to your enterprise

Katherine McNamara

June 1, 2016

Security

ISE 2.1 Just Released

Katherine McNamara

June 1, 2016

Security

I'm definitely going to go over this more in future posts after I'm done with my StealthWatch series. I'll just post this high level information about some of the additional features of ISE 2.1 which I'm pretty excited about.

Katherine McNamara

June 1, 2016

Security

StealthWatch SMC Client Part 1 - Overview

Katherine McNamara

June 1, 2016

Security

In this post, we're going to dig in to the SMC Client and learn the structure a bit better. This will help us navigate around the StealthWatch system and find valuable information.