03-07-2018 07:25 PM
Hi,
I have a Firepower customer looking for identity integration within Firepower management center. We have been exploring the identity integration with pxGrid but the scale is bringing up questions on deployment options.
Open to other ideas..
Naman
Solved! Go to Solution.
03-07-2018 08:46 PM
Max limit per ISE / ISE-PIC instance is 100 DCs today. If require monitoring of more DCs, then deploy multiple ISE/PIC instances. See ISE Performance & Scale
Remember, it is only needed to get identity for DCs that authenticate users and where need to apply policy based on the users logging into that DC. Although not officially QA tested, we have tested internally the use of log event forwarding which could be used to forward logs from multiple DCs to a single DC for collection.
If the Qradar deployment generates logs for each event, then Syslog could be used to parse user/IP mappings.
Craig
03-07-2018 08:46 PM
Max limit per ISE / ISE-PIC instance is 100 DCs today. If require monitoring of more DCs, then deploy multiple ISE/PIC instances. See ISE Performance & Scale
Remember, it is only needed to get identity for DCs that authenticate users and where need to apply policy based on the users logging into that DC. Although not officially QA tested, we have tested internally the use of log event forwarding which could be used to forward logs from multiple DCs to a single DC for collection.
If the Qradar deployment generates logs for each event, then Syslog could be used to parse user/IP mappings.
Craig
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide