Cisco ISE
Cisco Identity Services Engine (ISE) is a security policy management and control platform that enables enterprises to automate and enforce security policies across their wired, wireless, and VPN networks. It's designed to provide comprehensive, identity-based access control and security compliance for devices and users on a network.
- Installation guide
- Cisco ISE data model
Installation
Configuration in Cisco ISE Platform
Navigate to the Cisco ISE Dashboard
Click on menú icon located in the top left corner.
Under "System", click on "Settings".
In the left bar, search for API settings.
Under API Settings -> API Service Settings -> API Service Settings for Primary Administration Node, you should enable "Open API (Read/Write)".
Configuration in JupiterOne
To install the Cisco ISE integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Cisco ISE. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
PAN URL: your PAN URL of the Primary Administration Node's address in a Cisco ISE deployment. Please do not include the http protocol (Ex: devnetsandbox.cisco.com). If you are using an non-standard port you can include it at the end of the url (Ex: devnetsandbox.cisco.com:9060)
Username: the username used for authentication.
Password: the password used for authentication.
The Account Name used to identify the Cisco ISE account in JupiterOne. Ingested entities will have this value stored in
tag.AccountName
when theAccountName
toggle is enabled.Description to assist in identifying the integration instance, if desired.
Data Source Settigns: here you will be able to customize the steps to be ingested. If desired, specific steps can be enabled/disabled from here.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLED
and manually execute the integration.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
Resources | Entity _type | Entity _class |
---|---|---|
Account | cisco_ise_account | Account |
Network Device | cisco_ise_network_device | NetworkEndpoint |
Network Device Group | cisco_ise_network_device_group | Group |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
---|---|---|
cisco_ise_network_device_group | HAS | cisco_ise_network_device |