This document is for Cisco engineers and customers who are planning to integrate Infoblox NIOS and Cisco Identity Service Engine (ISE) 2.1 using Cisco Platform Exchange Grid (pxGrid). Infoblox NIOS version 7.3.6 software was used for both the virtual Grid Master and Network Discovery (ND) member.
This document includes:
Configuring Infoblox and the ISE pxGrid node for both Self-signed and CA-signed certificates
Configuring the Infoblox Grid Master (GM) and Infoblox Network Discovery (ND) member
Configuring DHCP and DNS services on the Infoblox GM
Configuring Infoblox ISE Ecosystem parameters and connecting to the ISE pxGrid node
Creating Infoblox DHCP and IPAM notifications for publishing Dynamic Topic information
Creating Infoblox RPZ notifications to send blocked DNS responses to the ISE pxGrid
Creating ISE EPS Quarantine Authorization policy
Populating Infoblox IPAM table with pxGrid session information
Quarantining an endpoint due to an Infoblox RPZ violation
The reader will observe and become familiar with the ISE user session information that will populate the IPAM table for more contextual information around IP events. Additionally, a RPZ (Response Policy Zone) will be created for blocking www.yahoo.com , with the results the of the endpoint being quarantined.
Hi All I want to ask a thing related this ? we have FTD/FMC and along with treat/malware license and we want to block files according to SHA-256 , SHA1 and MD5 signatures. There is no problem with SHA-256 because we can add custom fi...
I have configured my access switch interfaces with DOT1X authentication from Radius server. And my end host connected with these interfaces are getting their IP from DHCP server. But since my end host clients are not able to authenticate successfully, hen...
I have a HA cluster of FTD (Active/Standby). On FMC, the monitoring is complaining failures in screenshot below for the Standby FTD. Everything is healthy on the Active primary FTD and FMC... I do not see any blockings or DNS issues...Any suggestions? The...
Hi all. I am trying to set up remote access VPN from a Windows client to an ASA running 9.12 software.The requirements I have:- IPsec with IKEv1- Certificates from our internal Microsoft CA should be used for authentication- Windows 10 VPN client sho...
Hi can anyone help me with this please? I'm having a hard time configuring the site to site vpn connection. Basically I'm just following instruction on some tutorials and videos, still I can't configure the connection to our ASA. Our network admin just re...