We are wishing to migrate from CX/PRSM to FirePower/FireSight. I am researching feature parity.
Today I use the CDA integration with ISE to passively capture the user identity of 802.1x wireless authenticated employees.
The goal is to on demand produce reports that map a username to their traffic in a passive fashion.
I was told by a Cisco engineer that ISE was a consumable identiy source for FireSight in the same way that LDAP is with the User Agent. Furthermore I was assured that this was the case without having licensing for PXGRID.
I am unable to find any information proving this to be true. The only thing I find is information on how to use ISE as an authentication method.
I do not want to authenticate users actively. I just want to scape username information for reporting purposes. I have read the following URL and it is not what I am looking for based on our current configuration.
http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118541-configure-firesight-00.html