Solved: ISE command authorization for Stealthwatch

chris.allen08 · ‎10-08-2018

I am in the process of configuring Tacacs+ (via ISE 2.3) to authenticate users of the Stealthwatch Management Console v6.10 (and desktop client). I see the functional roles with Stealthwatch but where can I find the actual commands I can configure in ISE for the authorization profile? Does anyone know? Has anyone done this?

TIA,

Chris

Nidhi · ‎10-09-2018

consider these links -

https://www.network-node.com/video-training/

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200208-Configure-ISE-2-0-IOS-TACACS-Authentic.html

Hope this helps.

View solution in original post

Nidhi · ‎10-09-2018

consider these links -

https://www.network-node.com/video-training/

https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_0100010.html

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200208-Configure-ISE-2-0-IOS-TACACS-Authentic.html

Hope this helps.

chris.allen08 · ‎10-09-2018

Thanks for the links. I understand how to build the device command profiles. What I am looking for are the commands that are configured in the profile.

I have configured Prime Infrastructure to authenticate users against TACACS+ (ISE) and Prime Infrastructure provides the ability to copy the commands for each of the roles in PI. This is what I am looking for in Stealthwatch.

Thanks,

Chris

Sp@wn · ‎08-09-2019

Hello Chris,

I am thinking as same as you. Did you find any solution for that?

Thanks,
Volkan