Solved: Integration between ISE and Manage Engine

hanguye3 · ‎07-08-2018

Hi team,

Our customer is using Manage Engine for their IT service desk solution. We are proposing the Cisco ISE 2.4 for another project. they ask us to integrate ISE with their Service Desk.

Has anyone have any experience on that integration or send me the detailed document?

Highly appreciate for all the quick support.

Thanks in advance.

Br,

hainm

Craig Hyps · ‎07-09-2018

Need to clarify the type of integration desired.

General log/context consumption: ISE generates logs which many SIEM vendors have provided plugins to auto-parse and generate canned reports. Without such integration, you would need to configure SIEM/logger to manually parse ISE events (for example, past/failed Authentications. Many vendors have also elected to integrate via pxGrid which is more efficient than log parsing. I do not see ME as having implemented a log parser or pxGrid integration.

Service/Inventory Integration: Some vendors leverage APIs or other interface to allow sharing of context data between systems. ISE has an API to update its user/endpoint database. If ME supports such an interface, you could externally script the integration, but not native in ISE to communicate with 3rd-party via API with exception of our MDM/Device Manager integration or TC-NAC integrations with very specific vendors.

Craig

View solution in original post

Craig Hyps · ‎07-09-2018

Need to clarify the type of integration desired.

General log/context consumption: ISE generates logs which many SIEM vendors have provided plugins to auto-parse and generate canned reports. Without such integration, you would need to configure SIEM/logger to manually parse ISE events (for example, past/failed Authentications. Many vendors have also elected to integrate via pxGrid which is more efficient than log parsing. I do not see ME as having implemented a log parser or pxGrid integration.

Service/Inventory Integration: Some vendors leverage APIs or other interface to allow sharing of context data between systems. ISE has an API to update its user/endpoint database. If ME supports such an interface, you could externally script the integration, but not native in ISE to communicate with 3rd-party via API with exception of our MDM/Device Manager integration or TC-NAC integrations with very specific vendors.

Craig

kvenkata1 · ‎07-09-2018

There is no validated/documented integration available today between ISE & ManageEngine. Please consult the existing 3rd party integration list here.

ISE Design & Integration Guides

Can you be specific about what type of integration is needed? Do you have specific use cases? What will be the business impact?

- Krish

hanguye3 · ‎07-09-2018

Hi bro,

I have a specific case like that: when the ISE detect any client that violate the posture policy, it will send the email to the ManageEngine Service Desk system. The ME system received the email and assign the ticket to this issue => after that, this ticket will be handled by the IT guy.

So far, I have not found any document that describe this feature. Do u know that we can do like this? Or we can do through the API?

Please help to advise. Thanks in advance.

Best regards,

.:|:.:|:. Hai Nguyen

Systems Engineer | Cisco Systems Vietnam

Desk: +84 24 3974 6248 | Mobile: +84 904 373 746 | hanguye3@cisco.com<mailto:hanguye3@cisco.com>

Craig Hyps · ‎07-10-2018

There is no native integration today to generate emails to ME based on posture result. You could configure an external logger to trigger response such as email based on specific ISE log messages for non-compliance. You may consider working with ME to develop interface to ISE syslog or pxGrid to perform action. Any specific on ISE side should be communicated to your Cisco account team.

Craig