FTD Identity Source

Eric Z
Level 1

FTD 2130 in production. Right now all I see in connection events is IP addresses. I would like to see computers and usernames. We don't own ISE. Is there an alternate way of creating an Identity Source that doesn't require buying another Cisco product? I would like it to use AD to get all IP/Computer/User information.

1 Reply

@Eric Z, you need to learn the IP/username (computer name) bindings from somewhere, either via passive (ISE, ISE-PIC or TS agent) or active authentication (Captive Portal, RAVPN or Traffic Detection). https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/identity-overview.html

I don't know of a way you can learn the identity bindings via another non-Cisco means. The best way of learning these bindings is via passive authentication such as ISE, but you could consider ISE-PIC, which is a lot cheaper (and has fewer features); this will just gather user identities and IP addresses from AD and share them with the subscribers (FMC). https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/pic_admin_guide/pic_admin31/pic_admin31_chapter_00.html

 
