This document is for Cisco Engineers and customers deploying Cisco Stealthwatch 6.9 with Cisco Identity Service Engine (ISE 2.2 using Cisco platform Exchange Grid (pxGrid). The reader should have some similarity with ISE and Cisco Stealthwatch and pxGrid.
Cisco Stealthwatch 6.9 no longer requires syslog information for obtaining contextual information, instead pxGrid is used. The Cisco Stealthwatch Management Console will register as a pxGrid client and subscribe the ISE pxGrid node Session Directory topic to obtain the contextual information.
ISE 2.2 features an internal Certificate Authority (CA) for deploying pxGrid certificates. These pxGrid client certificates can be generated from ISE in either PEM or PKCS12 formats and imported into the Stealthwatch SSL Client store and ISE internal CA root certificate imported into the Stealthwatch CA store. Additionally, certificates can be generated based on the Certificate Signing Requests (CSR). These scenarios will be covered in this document.
This document starts using the preferred method of using the ISE 2.2 Internal CA for deploying pxGrid and Stealthwatch 6.9 using PKCS12 certificate format and then covers an external CA server deployment.
Self-signed certificate deployments and other ISE 2.2 internal CA configurations are covered under the Other Configurations Section.
Hi all, I have read the admin guide for license topic, but I got confused about license enforcement. https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_licensing.html From the guide, it says "I...
I'm beating my head against a wall here. Here's my scenario. My ISP provides me with a block of IP addresses. They required me to have a router to route that block of IPs to the ISP network. There is no NAT on this router. From my router, I have thre...
We have the 2100 series Firepower in a 2-node cluster (v6.2+) managed by FMC (v6.3+). When we migrated from the ASA, the network objects and port objects from the configuration moved over as very generic names in the new configuration. We have...