Showing results for 
Search instead for 
Did you mean: 

Deploying Cisco Stealthwatch 7.0 with Cisco ISE 2.4 using pxGrid


This document is for Cisco Engineers, partners and customers deploying Cisco Stealthwatch 7.0 with Cisco Identity Services Engine (ISE) 2.4 using Cisco Platform Exchange Grid (pxGrid) 1.0.

In this release ANC mitigation actions have been updated to use ANC policies.  Cisco Security Group Tags (SGT) are now incorporated in network flows illustrating Cisco Segmentation. Custom event violation policies can be created from this information.


Cisco Employee

In our case, we need to do an additional  step to approve manually the pxgrid authentication in ISE configuration, in order to complete de pxgrid integration between SWE and ISE.

Hi people, i need your help to solve the stealthwatch with ise, i have the following error




Can someone give me some idea on how to solve this problem?

Cisco Employee

You need to select the Stealthwatch pxGrid client and select Approve.

You can change these pxGrid client settings on Administration->pxGrid->client settings to automatically approve.

thanks jeppich, you solved my problem.

Hi Jeppich,

at the moment I have my client group blank is this normal, should have ANC?.

can you help me with this information?



Cisco Employee

You should be fine. However, if you want you can select the Stealthwatch client and then group and then add the ANC group and then save.

Hi jeppich,


I have already solved the problem of joining the ANC Group, thank you very much for the support.

Hi Jeppich,

in stealthwatch I do not see any information, can you please look at the stealtwatch image if I need to do any more configuration?




Hi, can anyone help me solve the problem of my integration of stealthwatch and ise?



Cisco Employee

Do you have any realtime authentications coming in to ISE?

what kind of authentication Jeppich?

Cisco Employee
I would also recommend checking out and lokoking for how to get help in the community, the tac can support this if you’re looking for urgent care

Hi Jeppich, this deploying i need configure authentication radius on ise with another devices like wlc,router, switch, etc, on  ise network devices ?


What are you going to fail for stealthwatch to have this error?



Cisco Employee

I got an ISE deployment of over 30 nodes but only two nodes have pxGrid enabled to integrate Stealthwatch. Do we need the pxGrid certs for ALL nodes in the deployment or just the 2 nodes with pxGrid enabled?

Cisco Employee

I’m assuming that your customer is using an external CA, in which case, your ISE admin and ISE MNT nodes already have the proper certificates in place to communicate with the ISE pxGrid nodes.
In the Stealthwatch pxGrid configuration, you would need to configure only for the pxGrid nodes.
Please use the ISE Communities to post these type of technical questions.
Content for Community-Ad