Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
1
Replies

ISE with Machine Certificates getting User Identity to Stealthwatch

kkaminsk
Cisco Employee
Cisco Employee

‎09-21-2016 09:53 AM

Folks,

I have a large customer currently doing PEAP for wired and wireless and using Stealthwatch. Identity information is going to Stealthwatch via syslog.  All is good in the world.

Now they are moving to Machine certificates for better security.  We had a discussion about Stealthwatch not getting the user identity information then and recommeded user certificates also.  The AD team is balking due to the storage needed for the user cert in the user object.

Question - can we use an EZConnect connection into AD to get the user information even if we are not doing EZConnect via WMI?(I know this is not the use case for EZConnect).  Any other way for Stealthwatch to have the proper user and profiled device information?

0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎09-21-2016 05:07 PM

EZC is not vetted for DOT1X use case in ISE 2.1. It might work but not yet supported. If the enforcement needs the user info, I see no other way to do it.

0 Helpful
Customers Also Viewed These Support Documents