Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
726
Views
10
Helpful
3
Replies

Sharing of User ID context for guest use case with other solutions

Go to solution
dbhatt
Level 1
Level 1

‎10-11-2022 06:26 AM

Hello All,

Here is the requirement:

Guests will be given access using Cisco ISE using the standard guest flow.

However, customer would like to have visibility about which URLs, applications etc. are being accessed by a particular guest.

Technically, as far as I know, we need a way to send the userid, IP address, MAC address details to other device such as proxy or firewall and determine exactly what is being accessed by the guests.

Context sharing is possible through PxGRID. But I would like to know which Cisco solution should be used to achieve this use case. For example, WSA, FTD, Umbrella?

Let me know if any further details are required. Thanks in advance!!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ahollifield
VIP
VIP

‎10-11-2022 08:31 AM - edited ‎10-11-2022 08:31 AM

This is not a functionality of ISE.  This would be the handled by whatever the upstream routing device is for the guests (router, firewall, proxy appliance, etc.).  From a Cisco prospective, each of the solutions you list in the example would fit here.

View solution in original post

3 Replies 3

Go to solution
ahollifield
VIP
VIP

‎10-11-2022 08:31 AM - edited ‎10-11-2022 08:31 AM

This is not a functionality of ISE.  This would be the handled by whatever the upstream routing device is for the guests (router, firewall, proxy appliance, etc.).  From a Cisco prospective, each of the solutions you list in the example would fit here.

Go to solution
dbhatt
Level 1
Level 1
In response to ahollifield

‎10-11-2022 11:14 AM

Hi,

Appreciate your help. However, the requirement here is to authenticate users (both internal users and guests) using guest portal on ISE and then sending this user id, MAC, IP address details to the upstream relevant device (for example WSA).

Once these details are provided, then WSA should be able to track which websites are being accessed by these users already authenticated and authorized by ISE for internet access.

So, my question is if I integrate WSA with Cisco ISE through PxGRID, will I get this information for all the users? AD users as well as guests?

Thanks!!

0 Helpful

Go to solution
ahollifield
VIP
VIP
In response to dbhatt

‎10-11-2022 11:46 AM

Yes, this is precisely the use-case for pxGrid
Customers Also Viewed These Support Documents