Cisco Identity Services Engine (ISE)

Connection Requirements

1 - IP

IP address of the Cisco ISE.

2 - Port

Port number. (optional, default: 9060)

3 - ERS Username

The username which is going to be used by OctoXLabs CSAM PLATFORM Asset to fetch data from Cisco ISE.

The user needs to have "admin" rights and access hosts on Cisco ISE to read details

To create a Admin User:

  1. Choose Administration > System > Admin Access > Administrators > Admin Users > Add.

  2. Select "Create an Admin User"

  3. Enter values in the fields.

  4. The user must be assigned to either "ERS Operator" administrator group in "Admin Groups".

  5. "Submit" admin user

To activate ERS:

  1. Go to Administration > Settings > API Settings and enable the ERS (Read/Write).

  2. Select "Disable CSRF For ERS Request" in CSRF Check.

4 - ERS Password

The Password of the provided username.

If you want to use pxGrid. "Enable pxGrid" field and follow the steps

  1. Log into the ISE Admin GUI, navigate to Administration > Deployment.

  2. Select the ISE node to be used for pxGrid persona.

  3. Enable pxGrid service and click Save.

After that:

  1. Navigate to Administration > pxGrid Services > Settings.

  2. Check the box: "Automatically approve new certificate-based accounts" and click Save.

5 - pxGrid Client Certificate and Private Key File

The Client Certificate and Private Key File for the access to pxGrid.

To export Certificate:

  1. Navigate to Administration > Certificates > System Certificates.

  2. Expand the Primary Monitoring (MNT) node if not enabled on the Primary Administration node.

  3. Select the certificate with the Used-By "Admin" field.

  4. Click Export.

  5. Choose the option to Export Certificate and Private Key.

  6. Set an encryption key.

  7. Export and Save the file.

  8. Download the certificate with "admin" in it.

Don't forget select Private Key and add a Private Key Passphrase to avoid an error

6 - pxGrid Private Key Passphrase

The Passphrase for the access Private Key File.

7 - Thread Count

(default: 32)

8 - Thread Sleep Time

(default: 0)

9 - Enable pxGrid

To use pxGrid (default: Disable)

10 - Use IP in pxGrid

To use IP Address in pxGrid. (default: Disable)

11 - Enable ERS Detail

To see ERS Detail. (default: Disable)

Attention

Please perform a connection test to ensure there is a valid connection to the Cisco ISE host. When the discovery operation finalized you will be able to see the details on Assets page.

PreviousCisco Advanced Malware Protection (AMP)NextCisco Meraki

Last updated