cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
21680
Views
17
Helpful
2
Comments
Brian Gonsalves
Cisco Employee
Cisco Employee

Introduction

This document describes how to integrate Cisco Identity Services Engine (ISE) ecosystem with some partners. Always consult with the partner for the latest documentation about their products.

You may also want to refer to

 

Partner API Type Status ISE Version (min) Partner Version
(min)
RTC Type RTC Action (pxGrid) ISE Authz Policy (EPS, ANC) pxGrid Topics and APIs
42Gears MDM 2.4 - None - - -
Absolute MDM 1.2 - None - - -
Acalvio pxGrid v2 2.4 4.0 pxGrid Automated via policy ANC -
Alef Nula - Identity Bridge pxGrid v2 2.4 - None - - Session - Identity Bridge (replaces CDA type functionality with ASA)
Alef Nula - AleFTI MAB Keeper, Office Locator Other 2.4 - None - - -
AppSpace Guest 2.4   NA NA ERS API

Guest API Guest Access Management

Armis pxGrid v2 2.4 - pxGrid Manual via GUI ANC Topic Subscribes: ANC
pxGrid context-in
Asimily pxGrid v2 2.4 20.10 pxGrid Manual via GUI (or automatic) ANC Session
ERS API calls to configure ACL
pxGrid context-in
Attivo Networks pxGrid v1 2.1 ATV Botsink 4.0 pxGrid Manual via GUI EPS Topic Subscribes:
EndpointProtectionService
Bayshore Networks pxGrid v1 1.3 6.x Yes - - Topic Subscribes: SessionDirectory, TrustsecMetaData
Attributes: SGT, IP Address
Blackberry - BES MDM 1.4 - None - - -
Blackberry - Good Secure EMM MDM 1.2 - None - - -
BlackRidge pxGrid v2 2.4 TAC Gateway 4.1.4 None - - Topic Subscribes: SessionDirectory
Attributes: Username, IP Address
BluSapphire pxGrid v2 2.7 3.0 pxGrid ANC API Manual ANC pxGrid session information
pxGrid ANC
Certego pxGrid v2 2.7   pxGrid ANC Manual ANC pxGrid ANC
Check Point pxGrid v2 2.7   None - - Topic Subscribes: SessionDirectory, TrustSecMetadata
Attributes: SGT, Username, IP Address
Cisco AMP TC-NAC 2.1 - TC-NAC: ISE Authz Course of Action Condition Rules (manual assignment to ANC Policies) - - -
Cisco CTA TC-NAC 2.2 - TC-NAC: ISE Authz Course of Action Condition Rules (manual assignment to ANC Policies) - - -
Cisco Cyber Vision  pxGrid v2 2.4+ (validated on 2.7+) 3.1.0       Context In (custom attributes)
Cisco Digital Network Architecture Center pxGrid v2 2.3 - None - - -
Cisco Firepower pxGrid v2 2.0 6.7 pxGrid Automated via policy EPS Subscribes:
SessionDirectory, TrustSecMetaData, EndpointProfiles Attributes:
Username, IPAddress, EndpontDevice, SGT, Location
Cisco Industrial Network Director pxGrid v2 2.4  1.3 None - - Topic Publishes: EndpointAsset
Attributes:
Publish assetDeviceType, assetId, assetIPAddress, assetName, assetPortName, assetConnectedLinks.assetDeviceType, assetGroup, assetId, assetIPAddress, assetMacAddress, assetName, assetProductId, assetProtocol,assetSerialNumber, assetVendor and customized attributes
Cisco Meraki Systems Manager MDMv3 1.4 - None - - -
Cisco Secure Workload ERS API 2.7+   None NA NA Session Topic
Cisco StealthWatch pxGrid v2 2.4 7.3.2 pxGrid v2 Manual via GUI ANC Topic Subscribes:
EndpointProtectionService, TrustSecMetadata, EndpoointProfile, SessionDirectory, AdaptiveNetworkControl
Attributes: Username, IPAdddress, MACAdddress, SGT, Endpoint Device, TrustSec Subject Name, Trustsec Peer Name, Trustsec Peer ID
Cisco WSA pxGrid v2 2.4 (ISE-PIC & ISE ERS API) 11.7 None - - Topic Subscribes:
Trustsec, SessionDirectory
Attributes:
Username, SGT-IP Mappings, MS AD Groups
Citrix Xenmobile MDM 1.2 - None - - -
Culinda pxGrid v2 2.4  - pxGrid Manual ANC (pxGrid 2.0)
pxGrid Context-in 
CyberArk API 3.1   API NA NA Password Access Manager
CyberMDX pxGrid v2 2.4 Mdefend 8.3+ pxGrid Manual via GUI ANC Topic Publishes:
EndpointAsset, Subscribes: ANC
Attributes:
CMDX_Link,CMDX_Vendor,CMDX_Type,CMDX_PHI
Cyber Observor ERS 2.7   ERS    

UseCase1: Immediate alerts and detailed information in regards to endpoints, network devices and high severity alarms
UseCase2: 
Detailed configuration information in regards to policies and insecure protocols and cyphers settings
UseCase3: 
Detailed information in regards to admin users, password policies, licenses and certificates statuses

CyberX Labs pxGrid v2 2.4    None - - -
Cylera pxGrid v2 2.4    None - - pxGrid subscribes to trustsec SXP and pushes into context-in
Cynerio pxGrid v2 2.4+ - None - - SGT policy and special tage via ERS API
Topic Publishes: EndpointAsset
Attributes: assetDeviceType, assetIpAddress,assetMacAddress, assetName, assetProductId, assetvendor
DFLabs (Incman) ERS API 2.7 5.x ? ? ERS API ERS API ANC
ERS API too many to list- see http://cs.co/ise-guides
Digital Defense pxGrid v2 2.4+  6.3.1.2 Yes Manual ANC pxGrid Context-In (profiling)
  • fvmOS: An asset’s operating system (for example, Windows Server 2013)
  • fvmOSType: An asset’s operating system type (server, client, and so on)
  • fvmOSFamily: An asset’s operating system family (Windows, Mac, and so on)
  • fvmLastScanDate: The date on which this asset was last scanned by Frontline
  • fvmGpaLetter: An asset’s Frontline Security GPA in letter form
  • fvmCriticalVulnCount, fvmHighVulnCount: The number of critical vulnerabilities the asset has
  • fvmOldestMediumVulnInDays, fvmOldestHighVulnInDays, fvmOldestCriticalVulnInDays: The age of the oldest medium, high, and critical vulnerabilities of the asset
Elastica (Symantec) pxGrid v1 2.0 - pxGrid Manual via GUI EPS Subscribes: EndpointProtectionService
Endace pxGrid v1 1.3 Endace  2.3+ None     Subscribes: SessionDirectory
Attributes: Usernames, Device Profiles
Envoy Systems ISE Guest 2.2 - None - - - cr
Exabeam pxGrid v1 2.2 - pxGrid Manual via GUI ANC Subscribes: EndpointProtectionService
ExtraHop API 2.4 - API Manual via GUI ANC ANC API Only
Firemon Lumeta pxGrid v1 2.2 Spectre 3.2 Yes - - Topic Subscribes: SessionDirectory, EndpointProtectionService
Attributes: 
All attributes
Forescout pxGrid v2 2.4   pxGrid     Session and static SXP tag
FortScale (RSA) pxGrid v1 2.0 - pxGrid Manual via GUI EPS -
Fortinet FortiManager / FortiGate  pxGrid v2 2.4   pxGrid     Session directory only; uses dynamic tags to make policy on Fortinet side
Globo MDM 1.4 - None - - -
Google Chronicle SIEM 2.7+ - NA NA NA SIEM SYSLOG Partner
Green Light pxGrid v1 2.2 2 pxGrid Manual via GUI ANC Subscribes: Adaptive Network Control
HanSight SIEM pxGrid v1 In Test - - None - - -
HanSight UEBA pxGrid v1 In Test - - None - - -
Huntsman Security pxGrid v1 2.0 5.97.001 pxGrid Manual via GUI EPS Subscribes: EndpointProtectionService
IBM - MaaS360 MDM 1.2 - None - - -
IBM QRadar pxGrid App pxGrid v2 2.4  7.3.1 Patch 9 + pxGrid Manual via GUI ANC (pxGrid 2.0)
Subscribes: SessionDirectory, MDM, ANC Config Status, Radius Failures
Attributes: All attributes
IBM QRadar SIEM 2.4 NA NA NA NA SIEM SYSLOG
Illusive Networks pxGrid v1 2.2   pxGrid Manual via GUI EPS Topic Subscribes: EndpointProtectionService
Infoblox DNS FW
pxGrid v1

pxGrid v2
2.0/2.4+ 7.3.3
8.5
(supports 2.0 and 1.0 backward compat)
pxGrid Manual via GUI EPS, ANC Topic Subscribes: SessionDirectory, EndpointProtectionService, Publishes IPAM and DHCP (no more dynamic topic)
Attributes: Audit Session ID, EPSStatus, NAS IP Address, MAC Address, IP Address, NAS Port ID, Account Session ID
Infoblox IPAM
pxGrid v1

pxGrid v2
2.0/2.4+ 7.3.3
8.5 (supports 2.0 and 1.0 backward compat)
pxGrid - EPS, ANC Topic Subscribes: SessionDirectory, EndpointProtectionService, Publishes IPAM and DHCP (no more dynamic topic)
Attributes: Audit Session ID, EPSStatus, NAS IP Address, MAC Address, IP Address, NAS Port ID, Account Session ID
Ivanti (formerly MobileIron) MDMv3 1.2 - None - - -
JAMF Casper Suite MDM 1.4 - None - - -
LinkShadow pxGrid v2 2.7 ? ANC Manual ANC ANC (RTC) only
LiveAction pxGrid v2 2.4 - None - - - Session only
LogRhythm pxGrid  v2 2.4 - EPS REST Manual via GUI - -
LogZilla SIEM 2.4 - None - - -
Medigate by Claroty pxGrid v2 2.4 - pxGrid, pxGrid Context-In Manual via GUI ANC Publishes: EndpointAsset, Subscribes: ANC
Attributes: Publish assetDeviceType, assetId, assetIPAddress, assetName, assetPortName, assetConnectedLinks.assetDeviceType, assetGroup, assetId, assetIPAddress, assetMacAddress, assetName, assetProductId, assetProtocol,assetSerialNumber, assetVendor and customized attributes
Micro Focus ArcSight SIEM 1.2 - EPS REST - - -
Microsoft inTune MDMv3 1.4 - None - - -
Mosyle MDM 2.3 - None - - -
NetIQ Sentinel pxGrid v1 1.3 7.2 pxGrid - EPS Subscribes: SessionDirectory, EndpointProtectionService
Topic: Username, IP, MacAddress, EndpointDevice Information
Nozomi pxGrid v2 2.4 19.0.5 pxGrid Automatic ANC SessionDirectory
Context-In
Noovus Apollo Other 2.3 - None - - -
Nyansa Voyance pxGrid v2 2.4 (pxGrid 2.0) - Yes - - -
Ordr pxGrid v2 2.4  - pxGrid Manual via GUI ANC Publishes: EndpointAsset
Topic: 
Publish assetDeviceType, assetId, assetIPAddress, assetName, assetPortName, assetConnectedLinks.assetDeviceType, assetGroup, assetId, assetIPAddress, assetMacAddress, assetName, assetProductId, assetProtocol,assetSerialNumber, assetVendor and customized attributes
Panaseer pxGrid v2 2.4  - None - - -
Ping Identity (via IoT connector) pxGrid v1 1.3 - None - - -
Qualys TC-NAC 2.1 - TC-NAC: ISE Authz CVSS Score Manual Assignment to ANC Policies - -
Radiflow pxGrid v2   2.4+     Manual ANC pxGrid context-in updates with ERS 
Rapid7 InsightIDR SIEM 2.7+ NA NA NA NA SIEM SYSLOG Parser
Rapid7 Nexpose TC-NAC 2.2 Nexpose 6.0
+
Insight VM
TC-NAC: ISE Authz CVSS Score Manual Assignment to ANC Policies - -
RedShift Networks pxGrid v2 2.4 RedShift CMS pxGrid ANC Automated via policy - -
Ricoh Streamline pxGrid v2 2.4 NA NA NA NA Printer Asset Management
RSA NetWitness SIEM 2.4 - - - - SYSLOG Parser
SAINT pxGrid v1 1.4 8.1.0 EPS Automated vu policy - Subscribes:
EndpointProtectionService
SAP Afaria MDM 1.2 - None - - -
SecureAuth pxGrid v1 1.3 8.2 None - - Subscribes: SessionDirectory
Topic: Audit Session ID, Session State, EPSStatus, Calling Station, Security Group, Endpoint Profile, UserName, Posture Status, AD User DNS Domain, AD Host DNS Domain, AD User NetBIOS name, AD Host NetBIOS name
Securonix pxGrid v2 2.4 - None - - -
ServiceNow ERS API 2.4 - None - - Creates endpoint attributes with ERS API
Siemplify pxGrid v2 In Test - - None - - -
Skyhigh Networks (McAfee) pxGrid v1 2.0   None - - -
Smokescreen pxGrid v2 2.4  - Yes - ANC -
Sophos MDM 1.4 - None - - -
SOTI MobiControl MDM 2.0 - None - - -
Splunk Addon for ISE (Splunk Enterprise) SIEM, Syslog 2.4+ 4.0.0 (splunk Enterprise 7+) None - - -
Splunk SOAR (Phantom) SOAR 2.4+ 5.0.190 NA Manual Via GUI ANC RTC
  • test connectivity - Validate the asset configuration for connectivity. This action logs into the device with a REST ...
  • list sessions - List the sessions currently available on the Monitoring node.
  • CRUD on endpoints, user devices that use ERS API
  • quarantine device - Quarantine the device
  • unquarantine device - Unquarantine the device
  • terminate session - Terminate sessions
Symantec MDM 1.2 - None - - -
Syncurity pxGrid v2 2.4 - Yes - - -
Tangoe MDM 1.4 - None - - -
Tanium pxGrid v1 2.4   pxGrid Manual via GUI ANC Subscribes:
AdaptiveNetworkControl
Tenable Security Center TC-NAC 2.2 5.5+ TC-NAC: ISE Authz Course of Action Condition Rules Manual Assignment to ANC Policies - -
ThreatConnect SOAR 2.7 6.0 SOAR actions Manual ERS API See blog post ThreatConnect and Cisco ISE: Streamline Security Policy Updates
TIBCO (LogLogic) SIEM 1.2 - None - - -
TrapX Security pxGrid v1 2.0 6 EPS REST
pxGrid
Manual via GUI EPS Subscribes: EndpointProtectionService
Trellix ePO via DXL (formerly McAfee) pxGrid v1 2.1 ePO 5.9
DXL Broker 4.0
pxGrid Automated via policy ANC Subscribes: AdaptiveNetworkControl
as of 2/23/21 - pxGrid 1.0
Vmware AirWatch MDM 1.2 - None - - -
VU Security pxGrid v2 2.4 - Yes - - -
XTENDISE ERS API 3.x - NA NA NA ERS and MnT APIs and collects ISE syslog messages
ZingBox pxGrid v2 2.4  - EPS REST
pxGrid
Manual via GUI ANC Topic Publishes: EndpointAssets
Subscribes: ANC
Attributes:
Publish assetDeviceType, assetId, assetIPAddress, assetName, assetPortName, assetConnectedLinks.assetDeviceType, assetGroup, assetId, assetIPAddress, assetMacAddress, assetName, assetProductId, assetProtocol,assetSerialNumber, assetVendor and customized attributes

 

Comments
nved
Cisco Employee
Cisco Employee

We are working with a customer that has deployed LogRythm SEIM and would like to forward Syslog Messages from ISE to LogRythm.

LogRythm is mentioned a Eco Partner and hit appears that there is a PxGrid based integration. Where can I find additional information about this integration and it's capabilities.

ldanny
Cisco Employee
Cisco Employee

Please post your question in the ISE community for visibility

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: