Cisco ISE: Identify and Manage Network Access
Cisco ISE 3.4 is ready for your network
In a zero-trust architecture, Cisco Identity Services Engine (ISE) is the policy decision point. It gathers intel from the stack to authenticate users and endpoints, automatically identifying threats.
New ISE Project?
Contact Us today and allow us to design a solution that meets your needs in topography, security, and endpoint management.
The discovery ports listed in the following table are used to determine what device is present.
| Port number | Port assignment |
|---|---|
| 4 | Closed Port |
| 21 | FTP |
| 22 | SSH |
| 23 | telnet |
| 80 | HTTP |
| 135 | Windows RPC |
| 161 | SNMP |
| 443 | HTTPS |
| 513 | rlogin |
| 902 | VMware Authentication Daemon |
| 3940 | Discovery for z/OS Agent |
| 5985 | PowerShell HTTP |
| 5986 | PowerShell HTTPS |
| 5988 | WBEM HTTP |
| 5989 | WBEM HTTPS |
| Source | Default Port | Protocol | Directionality | Reason |
|---|---|---|---|---|
| Main Appliance (MA) | 389 (TCP/UDP) | LDAP | MA to targets | Active Directory Sync |
| Remote Collector(s) RC | 53 (TCP) | DNS | Device to targets | DNS Zone Discovery |
| Remote Collector(s) RC | 623 (UDP) | IPMI | RC to targets | IPMI-based discovery of management interfaces |
| Remote Collector(s) RC | 22 (TCP) | SSH | RC to targets | SSH-based discovery of Linux and Unix systems |
| Remote Collector(s) RC | 161 (UDP) | SNMP | RC to targets | SNMP discovery of network equipment |
Live instant demo
Try it yourself. Learn how to detect and neutralize threats in our live environment.
