Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2697
Views
0
Helpful
4
Replies

ISE integration with Bluecoat SG

Go to solution
mokabbar
Cisco Employee
Cisco Employee

‎10-24-2016 03:53 AM

Team,

My customer wants to integrate ISE with their coming Bluecoat ASG proxy. The only task they need from ISE is to forward the username and IP address to Bluecoat so that it provides appropriate access based on those two parameters, noting that the same user might be accessing Internet from Internal LAN (using static proxy on Browser).

I thought we could use some sort of RADIUS for the communication, and read some documents on the internet but they were very vague

please advise

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-24-2016 09:03 AM

We have no direct integration with bluecoat.  We could perhaps send syslog over to them and if they can glean it that way?

Not sure how the RADIUS would work as the clients authenticate against the network and then to ISE. Bluecoat is not in the equation

Bluecoat could certainly point to ISE for the users to authenticate again but don’t think they want that. Even better is ISE + WSA with PXGRID integration

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-24-2016 09:03 AM

We have no direct integration with bluecoat.  We could perhaps send syslog over to them and if they can glean it that way?

Not sure how the RADIUS would work as the clients authenticate against the network and then to ISE. Bluecoat is not in the equation

Bluecoat could certainly point to ISE for the users to authenticate again but don’t think they want that. Even better is ISE + WSA with PXGRID integration

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎10-24-2016 09:14 AM

You might want to also look into if Bluecoat supports SAML SSO integration? This might work for the employee side of things. For guests you will still have the same issue

0 Helpful

Go to solution
Shaik Moinuddin
Level 1
Level 1
In response to Jason Kunst

‎11-30-2016 03:12 PM

Hi Jason,

can you please provide some details about SAML SSO integration, actually our wireless users gets authenticated thru Cisco ISE (802.1X), after that we don't want them to enter their credentials again one more time for Bluecoat Proxy, but if they don't get authenticated in Bluecoat then we can't apply any proxy policies. i need your kimd help, please suggest.

thank you very much.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Shaik Moinuddin

‎01-12-2017 12:49 PM

sorry i didn't see this. I would recommend reaching out to the ISE Product Marketing team as even with SSO they will still need to hit a portal before  authenticating.

https://communities.cisco.com/docs/DOC-64018#jive_content_id_Web_Portal_access_via_SAML_SSO

0 Helpful
Customers Also Viewed These Support Documents