History for ISE/ISE-PIC
|
Feature |
Minimum Management Center |
Minimum Threat Defense |
Details |
|---|---|---|---|
|
Proxy |
Any |
7.2.0 |
One or more managed devices that can communicate with Cisco Defense Orchestrator in the event Cisco Defense Orchestrator cannot communicate with the ISE/ISE-PIC server. New/updated screen: |
|
pxGrid 2.0 is the default for supported ISE/ISE-PIC versions |
Any |
6.7.0 |
Note the following:
|
|
Optionally exclude subnets from receiving user-to-IP and Security Group Tag (SGT)-to-IP mappings from ISE. You should typically do this for lower-memory managed devices to prevent Snort identity health monitor memory errors. |
Any |
6.7.0 |
New command: configure identity-subnet-filter { add | remove} |
|
Destination Security Group Tag matching (SGT) |
Any |
6.5.0 |
Feature introduced. Enables you to use ISE SGT tags for both source and destination matching criteria in access control rules. SGT tags are tag-to-host/network mappings obtained by ISE. New/modified screens:
|
|
Integration with ISE-PIC |
Any |
6.2.1 |
You can now use data from ISE-PIC. |
|
SGT tags for user control. |
Any |
6.2.0 |
You no longer need to create a realm or identity policy to perform user control based on ISE Security Group Tag (SGT) data. |
|
Integration with ISE. |
Any |
6.0 |
Feature introduced. By subscribing to Cisco’s Platform Exchange Grid (PxGrid), the Firepower Management Center can download additional user data, device type data, device location data, and Security Group Tags (SGTs) —a method used by ISE to provide network access control). |