Overview

Adaptive Network Control (ANC) provides the ability to create network endpoint authorization controls based on ANC policies.
Please note that these examples are not meant to be used as is because they have references to DB data. You should treat it as a basic template and edit it before sending to server.

Supported ANC API transactions per second

On a 5 node Cisco ISE deployment with 60k sessions or on a 9 node Cisco ISE deployment with 200k/500k sessions, 250 transactions per second (TPS) is supported for any ANC API.

Supported ANC APIs

applyEndpointByMacAddress
clearEndpointByMacaddress
applyEndpointByIpAddress
applyEndpointPolicy
clearEndpointPolicy

Deployment	No. of Sessions	Supported ANC APIs TPS
5 Nodes	60k	250
9 Nodes	200k	250
9 Nodes	500k	250

Resource definition

Attribute Type	Required	Default	value
name	String	Yes	Resource name
id	String	Yes	Resourse UUID
description	String	No
macAddress	String	Yes	MAC address of the endpoint
policyName	String	Yes	Policy name for applying to the endpoint

XML example:

XML
<?xml version="1.0" encoding="UTF-8"?> &ltns0:ancendpoint xmlns:ns0="anc.ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns1="ers.ise.cisco.com" xmlns:ers="ers.ise.cisco.com"> &ltmacAddress&gt00:11:22:33:44:55</macAddress> &ltpolicyName&gtpolicy1</policyName> </ns0:ancendpoint>

JSON
{
"ErsAncEndpoint" : {
"macAddress" : "00:11:22:33:44:55",
"policyName" : "policy1"
}
}

Revision History

Revision 0
Resource Version	1.0
ISE Version	2.1
Description	Initial Ise VersionBack to top

Api Reference

Get-By-Id

Request:

Method: GET
URI: https://10.86.118.27:9060/ers/config/ancendpoint/{id}
HTTP 'Content-Type' Header: application/xml | application/json
HTTP 'Accept' Header: application/xml | application/json
HTTP 'ERS-Media-Type' Header (Not Mandatory): anc.ancendpoint.1.0
HTTP 'X-CSRF-TOKEN' Header (Required Only if Enabled from GUI): fetch
Request Content:
N/A

Response: (ErsAncEndpoint)

HTTP Status: 200 (OK)
Content:
XML <?xml version="1.0" encoding="UTF-8"?> &ltns0:ancendpoint xmlns:ns0="anc.ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns1="ers.ise.cisco.com" xmlns:ers="ers.ise.cisco.com"> &ltmacAddress&gt00:11:22:33:44:55</macAddress> &ltpolicyName&gtpolicy1</policyName> </ns0:ancendpoint>
JSON
{
"ErsAncEndpoint" : {
"macAddress" : "00:11:22:33:44:55",
"policyName" : "policy1"
}
}

clear

Request:

Method: PUT
URI: https://10.86.118.27:9060/ers/config/ancendpoint/clear
HTTP 'Content-Type' Header: application/xml | application/json
HTTP 'Accept' Header: application/xml | application/json
HTTP 'ERS-Media-Type' Header (Not Mandatory): anc.ancendpoint.1.0
HTTP 'X-CSRF-TOKEN' Header (Required Only if Enabled from GUI): The Token value from the GET X-CSRF-TOKEN fetch request
Additional Attributes: macAddress,ipAddress
Request Content:
XML

JSON
{
"OperationAdditionalData" : {
"additionalData" : [ {
"name" : "example additional attribute name",
"value" : "its value"
} ]
}
}

Response: (N/A)

HTTP Status: null
Content:
N/A

apply

Request:

Method: PUT
URI: https://10.86.118.27:9060/ers/config/ancendpoint/apply
HTTP 'Content-Type' Header: application/xml | application/json
HTTP 'Accept' Header: application/xml | application/json
HTTP 'ERS-Media-Type' Header (Not Mandatory): anc.ancendpoint.1.0
HTTP 'X-CSRF-TOKEN' Header (Required Only if Enabled from GUI): The Token value from the GET X-CSRF-TOKEN fetch request
Additional Attributes: macAddress,ipAddress,policyName
Request Content:
XML
<?xml version="1.0" encoding="UTF-8"?> &ltns0:operationAdditionalData xmlns:ns0="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema"> &ltrequestAdditionalAttributes> &ltadditionalAttribute name="macAddress" value="value_0"/> &ltadditionalAttribute name="ipAddress" value="value_1"/> &ltadditionalAttribute name="policyName" value="value_2"/> </requestAdditionalAttributes> </ns0:operationAdditionalData>
JSON
{
"OperationAdditionalData" : {
"additionalData" : [ {
"name" : "example additional attribute name",
"value" : "its value"
} ]
}
}

Response: (N/A)

HTTP Status: null
Content:
N/A

Get-All

This API allows the client to get all the ANC endpoints.

Filter: [MAC address]

You can use MAC address as a filter for the endpoints. For example:

https:///ers/config/ancendpoint/?filter=name.CONTAINS.00:00:01:00:00:0B

Request:

Method: GET
URI: https://10.86.118.27:9060/ers/config/ancendpoint
HTTP 'Content-Type' Header: application/xml | application/json
HTTP 'Accept' Header: application/xml | application/json
HTTP 'ERS-Media-Type' Header (Not Mandatory): anc.ancendpoint.1.0
HTTP 'X-CSRF-TOKEN' Header (Required Only if Enabled from GUI): fetch
Request Content:
N/A

Response: (SearchResult)

HTTP Status: 200 (OK)
Content:
XML <?xml version="1.0" encoding="UTF-8"?> &ltns0:searchResult xmlns:ns0="v2.ers.ise.cisco.com" xmlns:ns1="ers.ise.cisco.com" xmlns:ers-v2="ers-v2" total="2"> &ltns0:nextPage rel="next" href="link-to-next-page" type="application/xml"/> &ltns0:previousPage rel="previous" href="link-to-previous-page" type="application/xml"/> &ltns0:resources> &ltns1:resource description="description1" id="id1" name="name1"/> &ltns1:resource description="description2" id="id2" name="name2"/> </ns0:resources> </ns0:searchResult>
JSON
{
"SearchResult" : {
"total" : 2,
"resources" : [ {
"id" : "id1",
"name" : "name1",
"description" : "description1"
}, {
"id" : "id2",
"name" : "name2",
"description" : "description2"
} ],
"nextPage" : {
"rel" : "next",
"href" : "link-to-next-page",
"type" : "application/xml"
},
"previousPage" : {
"rel" : "previous",
"href" : "link-to-previous-page",
"type" : "application/xml"
}
}

}

Supported Filter and Sorting Fields:

Filter: [name]
Sorting: [name]Back to top

Get Version

Request:

Method: GET
URI: https://10.86.118.27:9060/ers/config/ancendpoint/versioninfo
HTTP 'Content-Type' Header: application/xml | application/json

Response: (Version Info)

HTTP Status: 200 (OK)
Content:
XML <?xml version="1.0" encoding="UTF-8"?> &ltns0:versionInfo xmlns:ns0="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema"> &ltcurrentServerVersion&gt1.0</currentServerVersion> &ltlink rel="self" href="link" type="application/xml"/> &ltsupportedVersions&gt0.9,0.8</supportedVersions> </ns0:versionInfo>
JSON { "VersionInfo" : { "currentServerVersion" : "1.0", "supportedVersions" : "0.9,0.8", "link" : { "rel" : "self", "href" : "link", "type" : "application/xml" } } }

Bulk Request

Request:

Method: PUT URI: https://10.86.118.27:9060/ers/config/ancendpoint/bulk/submit HTTP 'Content-Type' Header: application/xml | application/json
Request Content: XML <?xml version="1.0" encoding="UTF-8" standalone="yes"?> &ltns7:ancendpointBulkRequest operationType="create" resourceMediaType="xml" xmlns:ns6="sxp.ers.ise.cisco.com" xmlns:ns5="trustsec.ers.ise.cisco.com" xmlns:ns8="network.ers.ise.cisco.com" xmlns:ns7="anc.ers.ise.cisco.com" xmlns:ers="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns4="identity.ers.ise.cisco.com"> &ltns7:resourcesList/> </ns7:ancendpointBulkRequest>
JSON { "ErsAncEndpointBulkRequest" : { "operationType" : "create", "resourceMediaType" : "xml" } }

Response:

HTTP Status: 202 (Accepted) Content: N/ABack to top Monitor Bulk Status Request: Method: GET URI: https://10.86.118.27:9060/ers/config/ancendpoint/bulk/{bulkid} HTTP 'Content-Type' Header: application/xml | application/json Request Content: N/A

Response:

HTTP Status: 200 (OK)
Content:
XML
<?xml version="1.0" encoding="UTF-8"?>
&ltns0:bulkStatus xmlns:ns0="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" bulkId="1528218098944" executionStatus="COMPLETED" failCount="0" mediaType="" operationType="create" resourcesCount="5" startTime="Tue Jun 05 17:01:38 UTC 2018" successCount="5">
&ltns0:resourcesStatus>
&ltns0:resourceStatus description="description..." id="1234454324" name="resource1" status="PENDING">
&ltresourceExecutionStatus&gtPENDING</resourceExecutionStatus>
</ns0:resourceStatus>
&ltns0:resourceStatus description="description..." id="2343242342" name="resource2" status="PENDING">
&ltresourceExecutionStatus&gtPENDING</resourceExecutionStatus>
</ns0:resourceStatus>
&ltns0:resourceStatus description="description..." id="4564566456" name="resource3" status="PENDING">
&ltresourceExecutionStatus&gtPENDING</resourceExecutionStatus>
</ns0:resourceStatus>
&ltns0:resourceStatus description="description..." id="6544566455" name="resource4" status="PENDING">
&ltresourceExecutionStatus&gtPENDING</resourceExecutionStatus>
</ns0:resourceStatus>
</ns0:resourcesStatus>
</ns0:bulkStatus>
JSON
{
"BulkStatus" : {
"bulkId" : "1528218098968",
"mediaType" : "",
"executionStatus" : "COMPLETED",
"operationType" : "create",
"startTime" : "Tue Jun 05 17:01:38 UTC 2018",
"resourcesCount" : 5,
"successCount" : 5,
"failCount" : 0,
"resourcesStatus" : [ {
"id" : "1234454324",
"name" : "resource1",
"description" : "description...",
"resourceExecutionStatus" : "PENDING",
"status" : "PENDING"
}, {
"id" : "2343242342",
"name" : "resource2",
"description" : "description...",
"resourceExecutionStatus" : "PENDING",
"status" : "PENDING"
}, {
"id" : "4564566456",
"name" : "resource3",
"description" : "description...",
"resourceExecutionStatus" : "PENDING",
"status" : "PENDING"
}, {
"id" : "6544566455",
"name" : "resource4",
"description" : "description...",
"resourceExecutionStatus" : "PENDING",
"status" : "PENDING"
} ]
}
}