Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1429
Views
1
Helpful
3
Replies

stealthwatch CTA to ISE integration

Go to solution
marklevi
Cisco Employee
Cisco Employee

‎10-19-2017 09:31 AM

There is a simple guide to integrate ISE with CTA when using WSA, but it is dependent on logging into a CTA cloud account. This account does not seem to be present when using CTA with SW.

How do I set CTA endpoint flags in ISE when using SW?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
brford
Cisco Employee
Cisco Employee

‎10-19-2017 12:40 PM

Hello Mark,

With the Stealthwatch 6.9.2 release once you have properly configured the Cognitive feature at the SMC and Flow Collector you will see the 'Cognitive Dashboard' and SMC widget and can reach the Cognitive portal.  The authentication happens based on your login to the SMC.

When using Cognitive as a Stealthwatch feature there is no further ISE configuration required.  Identity data is collected and passed to Cognitive via Stealthwatch.

Hope this helps.

Brian

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
brford
Cisco Employee
Cisco Employee

‎10-19-2017 12:40 PM

Hello Mark,

With the Stealthwatch 6.9.2 release once you have properly configured the Cognitive feature at the SMC and Flow Collector you will see the 'Cognitive Dashboard' and SMC widget and can reach the Cognitive portal.  The authentication happens based on your login to the SMC.

When using Cognitive as a Stealthwatch feature there is no further ISE configuration required.  Identity data is collected and passed to Cognitive via Stealthwatch.

Hope this helps.

Brian

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.
0 Helpful

Go to solution
marklevi
Cisco Employee
Cisco Employee
In response to brford

‎10-19-2017 01:09 PM

So we will be able to use our SMC credentials to log into the CTA scansafe portal to create a CTA account for ISE to use?

I understand how the ISE data gets into SW, but how does the CTA data get into ISE for Adaptive network controls?

CTA STIX settings.PNG

0 Helpful

Go to solution
marklevi
Cisco Employee
Cisco Employee
In response to brford

‎10-20-2017 12:09 PM

So with SW integration, no user has an account in CTA, the SMC has an account.

Your SMC admins login to the CTA portal as the SMC with a SSO from the SMC dashboard.

Customers Also Viewed These Support Documents