cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2295
Views
0
Helpful
1
Replies

ISE automation

Northy
Level 1
Level 1

We currently use ISE for our anyconnect users. Depending on the user configuration and due to an infosec requirement we need to create an individual AuthZ profile with its own DACL and a new rule in a policy that essentially identifies the user and applies the AuthZ specific to them 

 

I’d like to automate this process but I cannot find anything in the API documentation that suggests it is possible right now.

 

Do people know of a way to create AuthZ, DACL and a AuthZ policy rule in an automated way? 

Are people just not automating ISE configuration all that much? 

Using ISE 2.4 currently

1 Reply 1

Mike.Cifelli
VIP Alumni
VIP Alumni

AFAIK you can utilize ISE APIs to create authz profiles, and dacls.  I have not tested this as I primarily use the APIs to manipulate groups, and endpoints.  However, If you go to your pan sdk via https://<PAN IP>:9060/ers/sdk# and go to API documentation you can see examples and this may also shed some additional light on other items you may be wishing to automate.  HTH!