What are the advantages of using pxGrid in ISE?

I've read several pxGrid integration guides, but I don't understand the use case exactly.
For example:
When using FMC and ISE without integrating them
When integrating ISE with FMC
What makes the difference?

Accepted Solution

@JustTakeTheFirstStep pxGrid is a secure communication protocol. When configured, ISE will share context information (user/IP binding, SGTs (Security Group Tags), SGT/IP bindings, endpoint profile information, threat data, etc.) with the FMC and other subscribed systems such as Stealthwatch, DNAC, WSA and other 3rd-party solutions.

In regard to ISE/FMC integration, with this information learnt from pxGrid on the FMC, you will now have a username associated with the IP address. You can then create rules based on username or AD group (with an AD realm) instead of just the IP address, and also get more useful information when looking at the firewall logs. You will also have the ability for the FMC to instruct ISE to quarantine the user/endpoint at source (the connected switchport) based on a firewall event (malicious activity).

https://www.ciscopress.com/articles/article.asp?p=2963461
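To make the answer above concrete, here is an added example (not from the original post, Cisco, or the FMC/ISE code) of what a pxGrid subscriber such as FMC does with the session context it receives: it keeps an IP-to-identity table from session-topic messages, evaluates an access rule on username/SGT instead of IP, enriches a connection log line with the user, and builds the ANC (Adaptive Network Control) request used to quarantine the endpoint at source. The message field names (`userName`, `ipAddresses`, `ctsSecurityGroup`, `macAddress`, `state`, ...) follow the pxGrid 2.0 `com.cisco.ise.session` service as I understand it, and the ANC body mirrors `applyEndpointByMacAddress`; both are assumptions to check against your ISE release. The sample messages, rules and addresses are constructed for the example.

```python
"""Added example, not code from the original post or from Cisco.

Simulates the pxGrid consumer side of an ISE/FMC integration:
  1. consume sessionTopic messages (assumed pxGrid 2.0 session-service shape)
  2. keep an IP -> identity binding table, dropping bindings on DISCONNECTED
  3. evaluate identity-based (SGT/user) rules instead of IP-based rules
  4. enrich a firewall log line with the learned identity
  5. build the ANC applyEndpointByMacAddress body used to quarantine at source
"""
import json
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample messages shaped like pxGrid 2.0 sessionTopic payloads (assumption).
SAMPLE_SESSION_MESSAGES: List[str] = [
    json.dumps({"sessions": [{
        "state": "STARTED", "userName": "alice", "adUserDomainName": "corp.example",
        "ipAddresses": ["10.1.20.15"], "macAddress": "00:11:22:33:44:55",
        "ctsSecurityGroup": "Employees", "endpointProfile": "Windows10-Workstation",
        "nasIpAddress": "10.1.0.2", "nasPortId": "GigabitEthernet1/0/7"}]}),
    json.dumps({"sessions": [{
        "state": "STARTED", "userName": "contractor-bob", "adUserDomainName": "corp.example",
        "ipAddresses": ["10.1.30.40"], "macAddress": "66:77:88:99:aa:bb",
        "ctsSecurityGroup": "Contractors", "endpointProfile": "Unknown",
        "nasIpAddress": "10.1.0.3", "nasPortId": "GigabitEthernet1/0/12"}]}),
    # alice logs off: the binding must go, or her old IP would be misattributed to her.
    json.dumps({"sessions": [{
        "state": "DISCONNECTED", "userName": "alice",
        "ipAddresses": ["10.1.20.15"], "macAddress": "00:11:22:33:44:55"}]}),
]


@dataclass
class Identity:
    user: str
    domain: Optional[str]
    sgt: Optional[str]
    mac: str
    profile: Optional[str]
    nas_ip: Optional[str]
    nas_port: Optional[str]


class ContextTable:
    """IP -> Identity bindings learned from the session topic (what FMC keeps)."""

    def __init__(self) -> None:
        self.by_ip: Dict[str, Identity] = {}

    def apply(self, message: str) -> None:
        for s in json.loads(message).get("sessions", []):
            ips = s.get("ipAddresses", [])
            if s.get("state") == "DISCONNECTED":
                for ip in ips:
                    self.by_ip.pop(ip, None)
                continue
            ident = Identity(user=s["userName"], domain=s.get("adUserDomainName"),
                             sgt=s.get("ctsSecurityGroup"), mac=s["macAddress"],
                             profile=s.get("endpointProfile"),
                             nas_ip=s.get("nasIpAddress"), nas_port=s.get("nasPortId"))
            for ip in ips:
                self.by_ip[ip] = ident

    def lookup(self, ip: str) -> Optional[Identity]:
        return self.by_ip.get(ip)


def build_table(messages: List[str]) -> ContextTable:
    table = ContextTable()
    for m in messages:
        table.apply(m)
    return table


# Hypothetical identity-based rules: (SGT or None, username or None, action), first match wins.
RULES = [("Contractors", None, "deny"), ("Employees", None, "allow")]


def evaluate(table: ContextTable, src_ip: str) -> str:
    """Action for a flow from src_ip; without a binding only IP-based rules could apply."""
    ident = table.lookup(src_ip)
    if ident is None:
        return "no-identity"
    for sgt, user, action in RULES:
        if (sgt is None or sgt == ident.sgt) and (user is None or user == ident.user):
            return action
    return "default-allow"


def enrich_log(table: ContextTable, src_ip: str, dst_ip: str, dst_port: int) -> str:
    """Firewall log line with the pxGrid-learned user and SGT appended."""
    ident = table.lookup(src_ip)
    who = f"{ident.domain}\\{ident.user} sgt={ident.sgt}" if ident else "unknown"
    return f"{src_ip} -> {dst_ip}:{dst_port} user={who}"


def quarantine_request(table: ContextTable, src_ip: str, policy_name: str = "Quarantine") -> Optional[dict]:
    """Body FMC would POST to the pxGrid ANC service (applyEndpointByMacAddress, assumed shape).
    ISE then applies the policy on the endpoint's switchport via CoA; None if the IP is unknown."""
    ident = table.lookup(src_ip)
    if ident is None:
        return None
    return {"macAddress": ident.mac, "policyName": policy_name}


if __name__ == "__main__":
    t = build_table(SAMPLE_SESSION_MESSAGES)
    print(enrich_log(t, "10.1.30.40", "203.0.113.5", 443), "->", evaluate(t, "10.1.30.40"))
    print("quarantine:", quarantine_request(t, "10.1.30.40"))
    print("alice after logoff:", evaluate(t, "10.1.20.15"))
```

The DISCONNECTED handling is the part that matters operationally: an identity-based rule is only as good as the freshness of the IP/user binding, so a subscriber that never expires bindings will attribute traffic from a reused DHCP address to the previous user.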
