: Integrate IoT Security with Cisco ISE pxGrid
Focus
Focus

Integrate IoT Security with Cisco ISE pxGrid

Table of Contents

Integrate IoT Security with Cisco ISE pxGrid

Integrate IoT Security through pxGrid with Cisco ISE to provide network access control (NAC) to IoT devices.
IoT Security is an IoT (Internet of Things) security solution that uses deep machine learning to discover and categorize every IoT device on your network. It creates a baseline of normal behavior for each individual IoT device, continuously monitors for anomalous behavior, and then alerts administrators whenever it finds such anomalies.
Cisco pxGrid (Platform Exchange Grid) is a platform that enables various network security products to share information so they can discover and respond to threats quickly. A pxGrid controller coordinates connections among partner nodes and runs on Cisco ISE (Identity Services Engine), a product for creating and enforcing network access and security policies. The pxGrid controller provides a means for partners to publish services to ISE and other connected nodes and subscribe to services from them.
You can integrate IoT Security through Cortex XSOAR and pxGrid with Cisco ISE. By integrating these solutions, you can respond to security alerts by quarantining IoT devices to mitigate risk and later removing them from quarantine after the threat subsides.
Ensure the XSOAR engine can form an HTTPS connection to your Cisco pxGrid controller/ISE instance on TCP port 8910. The engine uses this port when authenticating with pxGrid and when sending it IoT device data and quarantine commands. In addition, ensure that the XSOAR engine can form an HTTP connection on TCP port 443 with Cortex XSOAR.
In a distributed environment, multiple firewalls report metadata to the IoT Security Cloud, which then sends it through Cortex XSOAR to the XSOAR engine designated to communicate through pxGrid to the ISE admin node.
Integrating with Cisco ISE pxGrid requires either a full-featured Cortex XSOAR server or the purchase and activation of an IoT Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for this. The advanced plan includes a license for all supported third-party integrations.