Solved: Re: PAN & ISE for Rapid Threat Containment

ankaushi · ‎05-11-2017

Hi Team,

I understand that we have a list of ecosystem partner for pxGrid and PAN is not listed there. Do we have any case study or any partner for reference who has done the ISE integration with PAN for Rapid Threat Containment…or any document which talks about the integration of Cisco ISE with Palo Alto Firewall for RTC.

Though I could find a link (http://www.cisco.com/c/en/us/products/security/pxgrid.html ) where it mention “With pxGrid, any connected technology can instruct the Cisco Identity Services Engine (ISE) to contain a threat," but was not able to find the some specific information related to Palo Alto Firewall. Any caveats???

Timothy Abbott · ‎05-12-2017

Anshul,

We haven't tested PAN with ISE for RTC. My understanding is the integration is limited to ISE sending syslog information for PAN to ingest. Unfortunately, we don't have any documentation that covers how to set this up.

Regards,

-Tim

View solution in original post

Jason Kunst · ‎10-01-2018

Recommend you ask PAN (assume you mean Palo Alto networks?) it’s up to them to integrate

View solution in original post

Jason Kunst · ‎10-02-2018

>From our integration explorers. there is no current integration, please reach out to PAN to adopt Open pxGrid.

View solution in original post

Timothy Abbott · ‎05-12-2017

Anshul,

We haven't tested PAN with ISE for RTC. My understanding is the integration is limited to ISE sending syslog information for PAN to ingest. Unfortunately, we don't have any documentation that covers how to set this up.

Regards,

-Tim

Kevin Xiong · ‎11-15-2017

Can ISE BU test this PAN with ISE integration ASAP and publish some example documentation? This will certainly help partners to position ISE for all identity related management.

I have a customer who use PAN for URL filtering. They enable PAN SSL Decryption for URL Filtering. All Group membership are out of active directory. They're trying to fetch group data via SAML on ADFS. PAN can only use LDAP for Group mapping for User-Identification.

Can we position ISE pxGrid to make this user-id mapping work for PAN URL filtering?

Jason Kunst · ‎11-15-2017

Again as hslai stated please reach out to ISE product management team thru the sales channel with your use case.

hslai · ‎05-12-2017

There is no current support. Please discuss your use cases with our product management teams.

tminh · ‎10-01-2018

Hi all,

Any update about posibility of having PAN "talking" to our ISE via PxGRID?

I have customer who concerns this issue.

Rgds,

Minh

Jason Kunst · ‎10-01-2018

Recommend you ask PAN (assume you mean Palo Alto networks?) it’s up to them to integrate

tminh · ‎10-01-2018

Thanks for your advice.

Asking PaloAlto SE, I got the following answer:

- PA FW could use PxGRID to send to ISE quarantine request

- PA FW could get the user information from ISE indirectly with the help of a free tool MineMeld + PxGRID

Minh

Jason Kunst · ‎10-02-2018

>From our integration explorers. there is no current integration, please reach out to PAN to adopt Open pxGrid.

waqas1 · ‎04-12-2019

Hi Everyone,

I have the same problem with the Fortigate FW. Does anyone know how to integrate Fortigate FW with the Cisco ISE for RTC?

Thanks

Waqas

Jason Kunst · ‎04-12-2019

Same guidance, if not listed under http://cs.co/ise-guides then we likely don’t have integration. You would need to have customer request feature from vendor to integrate with our product, it’s open platform sdk

https://developer.cisco.com/site/pxgrid/

nidamen · ‎12-18-2019

Panorama Plugin for Cisco TrustSec....

Maybe in the near future we could get Rapid Threat Containment working! Was a dream thought before with PA but looking like reality soon!

Emre Ozel · ‎03-27-2020

Hi Guys,
I have read a lot of articles about Palo Alto Cisco ISE and now I understand that I can do this through MineMeld.
A pxgrid configuration is required on the Cisco ISE side.
I will prepare a document of interest soon.

nidamen · ‎04-01-2021

Emre did you ever get around to doing a Document which covered this?