cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
Register for the monthly ISE Webinars to learn about ISE configuration and deployment.
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

58
Views
0
Helpful
1
Replies

Cisco stealthwatch and ISE

Dear community,

 

I am confused with the Cisco ISE and stealthwatch. 

 

It is clear to me what is Cisco ISE, but looks like stealthwatch is the ISE management console.

 

Can you explain also If I can implement Cisco ISE only without stealthwatch ?

 

Thanks,

Edouard.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advocate

Re: Cisco stealthwatch and ISE

Cisco ISE and Stealthwatch are two independent products that have integration capabilities. They can be deployed independently of each other and later integrated if desired.

Stealthwatch is manged from the SMC, Stealthwatch Management Console. It primarily receives netflow from switches and routers in the environment to create a record of what is going across the network.

ISE, Identity Services Engine, provides authentication services for wired, wireless, and VPN devices. Network devices send RADIUS requests to ISE, and via policy we determine if an endpoint/user should be granted access to the network and what resources that endpoint/user should have.

Stealthwatch has the ability to integrate with ISE to learn user identities. This provides richer context to the data you see in SMC since it's no longer simply just IP to IP. You then know that IP 1 has user X at it, and IP 2 has user Y at it, the user context is quite valuable.
1 REPLY 1
Highlighted
VIP Advocate

Re: Cisco stealthwatch and ISE

Cisco ISE and Stealthwatch are two independent products that have integration capabilities. They can be deployed independently of each other and later integrated if desired.

Stealthwatch is manged from the SMC, Stealthwatch Management Console. It primarily receives netflow from switches and routers in the environment to create a record of what is going across the network.

ISE, Identity Services Engine, provides authentication services for wired, wireless, and VPN devices. Network devices send RADIUS requests to ISE, and via policy we determine if an endpoint/user should be granted access to the network and what resources that endpoint/user should have.

Stealthwatch has the ability to integrate with ISE to learn user identities. This provides richer context to the data you see in SMC since it's no longer simply just IP to IP. You then know that IP 1 has user X at it, and IP 2 has user Y at it, the user context is quite valuable.