This document is for Cisco engineers and customers who are planning to integrate Infoblox NIOS and Cisco Identity Service Engine (ISE) 2.1 using Cisco Platform Exchange Grid (pxGrid). Infoblox NIOS version 7.3.6 software was used for both the virtual Grid Master and Network Discovery (ND) member.
This document includes:
Configuring Infoblox and the ISE pxGrid node for both Self-signed and CA-signed certificates
Configuring the Infoblox Grid Master (GM) and Infoblox Network Discovery (ND) member
Configuring DHCP and DNS services on the Infoblox GM
Configuring Infoblox ISE Ecosystem parameters and connecting to the ISE pxGrid node
Creating Infoblox DHCP and IPAM notifications for publishing Dynamic Topic information
Creating Infoblox RPZ notifications to send blocked DNS responses to the ISE pxGrid
Creating ISE EPS Quarantine Authorization policy
Populating Infoblox IPAM table with pxGrid session information
Quarantining an endpoint due to an Infoblox RPZ violation
The reader will observe and become familiar with the ISE user session information that will populate the IPAM table for more contextual information around IP events. Additionally, a RPZ (Response Policy Zone) will be created for blocking www.yahoo.com , with the results the of the endpoint being quarantined.
THIS IS A BIT OF AN EMERGYCY: I installed two new virtual Ironports, C100V. I copied the config from our old Ironports. Now, for some reason, most of the incoming email are falsely being marked as [P-Suspected Spam]. From the logs it looks like everything...
Hello, I have Firepower 2120 with ASA Logical Device.. want to check the licensing on these... When i run show license all , following is the output : Smart License Status:Smart Licensing is enabled Registration : Registere...
Hi All ,we have cisco ISE distributed deployment , and we are using EAP Channing for authentication , now my scenario is we have one domain Machine and two Domain Users , when users A login on the machine its working fine and get complaint , but...
We're using Jamf as our MDM solution. We've got Jamf configured as a SCEP Proxy in front of our MS CA which issues device authentication certificates to our iPads. Certificates are issued successfully to iPads and are visible both on the devi...
Hello, We have a Cisco IronPort C170 with OS version 10.0.0-203 acting as a Mail Anti Spam for our Network. Last week, we had an incident of spam mails that were sent to almost all the company workers. The sender e-mail address is (ISCULLINAS@GM...