ISE's Evil Default
Whilst working with Cisco ISE recently, I became aware of a setting within the product that could be a major ‘gotcha’ if you aren’t aware of it. We’ll take a very quick look at it in this article. Background Tucked away in the depths of the Cisco ISE menu structure is a rather innocent-looking configuration setting under the ‘Anomalous Client Detection’ section of the System Settings. The option I’m referring to can be found in the following location in ISE 1.2: Administration > System> Settings > Protocols > RADIUS The screenshot below shows the settings page I am discussing: The settings on this page have been provided to protect ISE in the face of an onslaught of misbehaving or mis-configured clients that may flood it with authentication traffic (and hence RADIUS traffic). In larger environments, this could become an issue and affect ISE’s performance. Suppress Anomalous Clients The tick-box ‘Suppress Anomalous Clients’ provides a very