One of our clients did a vulnerability scan of the new Cisco ISE 2.2 and found out two strange ports 9102 and 9103.
After some research I find that those ports are related to ISE Wireless Setup.
How to disable?
At ISE admin CLI, issue
application configure ise
Select option 17 (Enable/Disable Wifi Setup).
Note: If you have ISE 2.2 Patch 1 the ports will re-appear after 15-20 seconds and will not be able to disable them permanently. This behaviour is fixed in ISE 2.2 Patch 2