Integrate IoT Security with Cisco ISE
Table of Contents
Expand all | Collapse all
-
- Integrate IoT Security with AIMS
- Set up AIMS for Integration
- Set up IoT Security and XSOAR for AIMS Integration
- Send Work Orders to AIMS
- Integrate IoT Security with Microsoft SCCM
- Set up Microsoft SCCM for Integration
- Set up IoT Security and XSOAR for SCCM Integration
- Integrate IoT Security with Nuvolo
- Set up Nuvolo for Integration
- Set up IoT Security and XSOAR for Nuvolo Integration
- Send Security Alerts to Nuvolo
- Send Vulnerabilities to Nuvolo
- Integrate IoT Security with ServiceNow
- Set up ServiceNow for Integration
- Set up IoT Security and XSOAR for ServiceNow Integration
- Send Security Alerts to ServiceNow
- Send Vulnerabilities to ServiceNow
-
- Integrate IoT Security with Cortex XDR
- Set up Cortex XDR for Integration
- Set up IoT Security and XSOAR for XDR Integration
- Integrate IoT Security with CrowdStrike
- Set up CrowdStrike for Integration
- Set up IoT Security and XSOAR for CrowdStrike Integration
- Integrate IoT Security with Microsoft Defender XDR
- Set up Microsoft Defender XDR for Integration
- Set up IoT Security and Cortex XSOAR for Microsoft Defender XDR Integration
- Integrate IoT Security with Tanium
- Set up Tanium for Integration
- Set up IoT Security and XSOAR for Tanium Integration
-
- Integrate IoT Security with Aruba AirWave
- Set up Aruba AirWave for Integration
- Set up IoT Security and Cortex XSOAR for Aruba AirWave Integration
- View Device Location Information
- Integrate IoT Security with Aruba Central
- Set up Aruba Central for Integration
- Set up IoT Security and XSOAR for Aruba Central Integration
- Integrate IoT Security with Cisco DNA Center
- Set up Cisco DNA Center to Connect with XSOAR Engines
- Set up IoT Security and XSOAR for DNA Center Integration
- Integrate IoT Security with Cisco Meraki Cloud
- Set up Cisco Meraki Cloud for Integration
- Set up IoT Security and XSOAR for Cisco Meraki Cloud
- Integrate IoT Security with Cisco Prime
- Set up Cisco Prime to Accept Connections from IoT Security
- Set up IoT Security and XSOAR for Cisco Prime Integration
- Integrate IoT Security with Network Switches for SNMP Discovery
- Set up IoT Security and Cortex XSOAR for SNMP Discovery
- Integrate IoT Security with Switches for Network Discovery
- Set up IoT Security and Cortex XSOAR for Network Discovery
-
- Integrate IoT Security with Aruba WLAN Controllers
- Set up Aruba WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Aruba WLAN Controllers
- Integrate IoT Security with Cisco WLAN Controllers
- Set up Cisco WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Cisco WLAN Controllers
-
- Integrate IoT Security with Aruba ClearPass
- Set up Aruba ClearPass for Integration
- Set up IoT Security and XSOAR for ClearPass Integration
- Put a Device in Quarantine Using Aruba ClearPass
- Release a Device from Quarantine Using Aruba ClearPass
- Integrate IoT Security with Cisco ISE
- Set up Cisco ISE to Identify IoT Devices
- Set up Cisco ISE to Identify and Quarantine IoT Devices
- Configure ISE Servers as an HA Pair
- Set up IoT Security and XSOAR for Cisco ISE Integration
- Put a Device in Quarantine Using Cisco ISE
- Release a Device from Quarantine Using Cisco ISE
- Apply Access Control Lists through Cisco ISE
- Integrate IoT Security with Cisco ISE pxGrid
- Set up Integration with Cisco ISE pxGrid
- Put a Device in Quarantine Using Cisco ISE pxGrid
- Release a Device from Quarantine Using Cisco ISE pxGrid
- Integrate IoT Security with Forescout
- Set up Forescout for Integration
- Set up IoT Security and XSOAR for Forescout Integration
- Put a Device in Quarantine Using Forescout
- Release a Device from Quarantine Using Forescout
-
- Integrate IoT Security with Qualys
- Set up QualysGuard Express for Integration
- Set up IoT Security and XSOAR for Qualys Integration
- Perform a Vulnerability Scan Using Qualys
- Get Vulnerability Scan Reports from Qualys
- Integrate IoT Security with Rapid7
- Set up Rapid7 InsightVM for Integration
- Set up IoT Security and XSOAR for Rapid7 Integration
- Perform a Vulnerability Scan Using Rapid7
- Get Vulnerability Scan Reports from Rapid7
- Integrate IoT Security with Tenable
- Set up Tenable for Integration
- Set up IoT Security and XSOAR for Tenable Integration
- Perform a Vulnerability Scan Using Tenable
- Get Vulnerability Scan Reports from Tenable
Integrate IoT Security with Cisco ISE
Integrate IoT Security with Cisco ISE to provide network
access control (NAC) to IoT devices.
Palo Alto Networks IoT Security can integrate
through Cortex XSOAR with Cisco ISE (Identity Services Engine) to
populate custom endpoint attributes on one or more ISE instances
with data discovered in the network traffic that IoT Security analyzes.
If a device is already in the ISE inventory, ISE adds the attributes
from IoT Security to it. If IoT Security sends attributes for a device
that isn’t in the ISE inventory, ISE treats it as a new endpoint,
adds it to their inventory, and includes all the related attributes
that IoT Security sends.
ISE uses data in network access control
policies to segment the network for reduced risk exposure. In addition,
from the IoT Security portal, you can manually quarantine devices
through ISE and later remove them from quarantine in response to
the severity and status of detected security alerts. IoT Security
can also provide ISE with the information it needs to enforce access control
lists (ACLs), limiting devices to operate on the network
within normal parameters as determined by AI-powered behavioral
analysis.
After the setup is complete, you initiate an initial
export of the entire device inventory from IoT Security through
XSOAR to Cisco ISE. After that, XSOAR requests incremental updates
at user-specified intervals. IoT Security determines if there are any
newly discovered devices or if there are changes in any attribute
fields of previously discovered devices within a user-specified
polling interval and, if found, responds with an update. In contrast
to these periodic automated updates, IoT Security sends user-initiated
commands to quarantine a device or remove it from quarantine immediately
to XSOAR, which immediately forwards them to ISE.
As is true with
all traffic entering the network, inbound communications from Cortex
XSOAR must pass through the firewall to reach the Cortex engine,
but the firewall itself plays no logical role in relaying the data
in their communications.
To provide redundancy, you
can configure an XSOAR engine to integrate with primary and secondary
ISE instances, and each instance can be an active/standby high availability
(HA) pair or a standalone device.
Integrating with Cisco ISE requires either a full-featured Cortex XSOAR server
or the purchase and activation of an IoT Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic
plan includes a license for three integration add-ons, one of which can be used for
Cisco ISE. The advanced plan includes a license for all supported third-party
integrations.