Introduction
A solution the allows SecureX to act on data from Cisco Anyconnect NVM
https://www.cisco.com/c/en/us/products/security/endpoint-security-analytics-built-on-splunk/index.html
Getting started with SecureX
SecureX requires at least one licensed Cisco product. Here is the page for it, with link for Free Trial.
The solution requires the following components:
- Cisco Anyconnect NVM module
- Splunk box running (see CESA POV for more information)
- NVM collector (can run on a separate host)
- NVM TA Add-on (process the data fields and normalize for consumption)
- CESA NVM dashboard (optional) is not required but can be installed if the customer is going to use CESA on splunk)
- SecureX relay does not support Splunk clustering
- Cisco SecureX CESA Relay App on Splunk
Setup
CESA Overview
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200600-Install-and-Configure-Cisco-Network-Visi.html
For SecureX setup see the readme in the doc attached to the Splunk App
Demos
FAQ
Support
Display