cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
742
Views
0
Helpful
1
Replies

Cisco stealthwatch and ISE

Dear community,

 

I am confused with the Cisco ISE and stealthwatch. 

 

It is clear to me what is Cisco ISE, but looks like stealthwatch is the ISE management console.

 

Can you explain also If I can implement Cisco ISE only without stealthwatch ?

 

Thanks,

Edouard.

1 Accepted Solution

Accepted Solutions

Damien Miller
VIP Alumni
VIP Alumni
Cisco ISE and Stealthwatch are two independent products that have integration capabilities. They can be deployed independently of each other and later integrated if desired.

Stealthwatch is manged from the SMC, Stealthwatch Management Console. It primarily receives netflow from switches and routers in the environment to create a record of what is going across the network.

ISE, Identity Services Engine, provides authentication services for wired, wireless, and VPN devices. Network devices send RADIUS requests to ISE, and via policy we determine if an endpoint/user should be granted access to the network and what resources that endpoint/user should have.

Stealthwatch has the ability to integrate with ISE to learn user identities. This provides richer context to the data you see in SMC since it's no longer simply just IP to IP. You then know that IP 1 has user X at it, and IP 2 has user Y at it, the user context is quite valuable.

View solution in original post

1 Reply 1

Damien Miller
VIP Alumni
VIP Alumni
Cisco ISE and Stealthwatch are two independent products that have integration capabilities. They can be deployed independently of each other and later integrated if desired.

Stealthwatch is manged from the SMC, Stealthwatch Management Console. It primarily receives netflow from switches and routers in the environment to create a record of what is going across the network.

ISE, Identity Services Engine, provides authentication services for wired, wireless, and VPN devices. Network devices send RADIUS requests to ISE, and via policy we determine if an endpoint/user should be granted access to the network and what resources that endpoint/user should have.

Stealthwatch has the ability to integrate with ISE to learn user identities. This provides richer context to the data you see in SMC since it's no longer simply just IP to IP. You then know that IP 1 has user X at it, and IP 2 has user Y at it, the user context is quite valuable.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: