Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2896
Views
10
Helpful
3
Replies

Cisco ISE pxGrid and Threat Centric NAC

Go to solution
SaintEvn
Level 1
Level 1

‎10-20-2020 09:58 PM

Hi,

I'm confusing about ISE pxGrid and TC-NAC.
Are they the same function?
Or are they different ?
Can you guys help me to understand what is pxGid and when to use it .And also what is TC-NAC and when we need to use it?

Thank you so much!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎10-20-2020 10:37 PM

Hi,

PxGrid in simple words is the protocol to exchange information about
endpoint between ISE and other devices. When the endpoint connects to the
network (wired or wireless) ISE authenticates it and then notify all
equipment within the network that a new endpoint is present (FMC, WSA, or
3rd party). These devices can be configured for user policy. It can go
beyond that by assigning security group tags (SGT) but this is advanced
stuff.

TC-NAC leverages PxGrid to communicate with FMC. When FMC detects an IOC
for an endpoint (for example infected with malware or initiating CnC), FMC
uses PxGrid to notify ISE to isolate the endpoint. At this point TC-NAC
kicks in.

**** please remember to rate useful posts

View solution in original post

3 Replies 3

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎10-20-2020 10:37 PM

Hi,

PxGrid in simple words is the protocol to exchange information about
endpoint between ISE and other devices. When the endpoint connects to the
network (wired or wireless) ISE authenticates it and then notify all
equipment within the network that a new endpoint is present (FMC, WSA, or
3rd party). These devices can be configured for user policy. It can go
beyond that by assigning security group tags (SGT) but this is advanced
stuff.

TC-NAC leverages PxGrid to communicate with FMC. When FMC detects an IOC
for an endpoint (for example infected with malware or initiating CnC), FMC
uses PxGrid to notify ISE to isolate the endpoint. At this point TC-NAC
kicks in.

**** please remember to rate useful posts

Go to solution
Peter Koltl
Level 7
Level 7

‎10-22-2020 02:30 PM

Rapid Threat Containment leverages PxGrid to communicate with FMC. When FMC detects an IOC for an endpoint (for example infected with malware or initiating CnC), FMC
uses PxGrid to notify ISE to isolate the endpoint. At this point Rapid Threat Containment kicks in.

 

TC-NAC integrates ISE endpoint database with a vulnerability scanner such as Rapid7 Nexpose.

Go to solution
SaintEvn
Level 1
Level 1

‎10-23-2020 09:10 AM

Thank you so much all!!

0 Helpful
Customers Also Viewed These Support Documents