08-28-2017 09:46 PM
Hi
I have a customer (more specifically, a tenant of my ISE Guest Wi-Fi deployment) who wants to have reporting on how much data his Guest users are consuming.
I am aware that the Cisco WLC sends Accounting Start/Interim/Stop to ISE, but ISE only uses that for its licensing processing logic.
thanks in advance
Solved! Go to Solution.
08-31-2017 07:13 PM
The only reporting that ise does on guest internet is when it receives syslog from device such as the asa firewall for tracking URLS Visited
chexk out updates slides at Training: Voice of the Architect (VoA)
the attached PPTX for guest and then to the monitoring and reporting section
for rich reporting you should integrate wsa with pxgrid, other examples are stealthwatch or splunk
08-29-2017 05:09 AM
To use the current ISE Reports, the best I could find was the RADIUS Accounting filtered by the GUEST Network IP Scope(s). This is particularly helpful if using a separate DHCP Scope for the Guest connections to that SSID.
Otherwise, the suggestion is to use an external logging server to process these events and create the reports needed.
08-31-2017 07:13 PM
The only reporting that ise does on guest internet is when it receives syslog from device such as the asa firewall for tracking URLS Visited
chexk out updates slides at Training: Voice of the Architect (VoA)
the attached PPTX for guest and then to the monitoring and reporting section
for rich reporting you should integrate wsa with pxgrid, other examples are stealthwatch or splunk
08-31-2017 08:06 PM
thanks to everyone who has replied with their recommendations. While they are certainly all interesting in their own right, it doesn't address the requirement of being able to report on the data usage. It struck me as a very obvious requirement when my customer asked me things like "How much traffic is my Guest portal creating on a weekly/month basis?" - or "How much data did user XYZ upload/download while he was using the Guest portal?".
It's interesting to see the Enterprise vs Service Provider differences between ISE and CPAR. In CPAR there was a very easy option to siphon off the accounting records into either a .csv file for crunching in Excel or whatever, or, sending the records to an SQL DB, and also proxying accounting records to another radius server.
We're talking about Accounting records here that contain a lot of useful usage data - it would probably not be a major stretch for ISE BU to create an option to allow accounting records to be written to a rolling repository somewhere, even if it's a .csv file format.
09-01-2017 05:35 AM
Sorry ise is not designed for this and doubt it would ever do this you can ask the PM team but there are many higher priority items
This is not a discussion we would have on the forum
This is up to the network infrastructure and its monitoring and reporting capability tooling to aggregate the different networks and its data reports
09-01-2017 02:34 PM
Hi Ame,
I do not understand the need to have this in ISE.
Service providers need this for billing so this may be required for tracking.
We are talking about Radius accounting records here. I am not sure if it will carry data usage information about guests even for CPAR.
If you are interested in just accounting you can use following reports in ISE and export it to CSV. You can use Master guest report to track websites users go etc.
You can schedule reports in ISE 2.3 at specific intervals as well
https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_011100.pdf
Thanks
Krishnan
09-03-2017 04:16 PM
Hi Krishnan
When you say "We are talking about Radius accounting records here. I am not sure if it will carry data usage information about guests even for CPAR." - I have provided an example of an accounting record further below so that you can see what I am talking about.
Also to respond to Jason's reply "This is up to the network infrastructure and its monitoring and reporting capability tooling to aggregate the different networks and its data reports". I agree entirely with that - I am not asking ISE to produce me pretty graphs (although that would be nice ). But I was asking about HOW to get the data into a format that I can feed the data into a tool that can produce the pretty graphs. So far it seems to me that ISE lacks the basic facility to let me process certain data myself (i.e. the session bytes in/out) - whether it be via file export, or via radius proxy. There are certainly some very cool reports in ISE and they are very useful - but none of them contain the data usage of the session for data accounting purposes.
My customer is not an ISP, but they want to know about data usage of their services.
Even the ISE 2.3 Report called "Endpoints and Users > RADIUS Accounting" doesn't contain the data usage. Why? It's just another few fields to add to the report ...
Example of an Accounting-Request showing the fields that I am interest in seeing.
06-25-2018 05:42 AM
Hi,
we are facing the same issue on our side, and migrating from an ACS 5.3, we are unable to decommission it as the client request to have the data usage report for each users.
I do confirm this is only a field existing in the accounting frame that the ISE has to handle for reporting.
For the client, this is a drawback, especially as ACS now suffers multiple vulnerabilities.
Regards
Jerome
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide