Cisco Cisco Web Security Appliance S370 Guía Del Usuario
8-5
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 8 Integrate the Cisco Identity Services Engine
Tasks for Certifying and Integrating the ISE Service
Note
Whenever you upload or change certificates on the ISE server, you must restart the ISE service. Also, a
few minutes may be required before the services and connections are restored.
few minutes may be required before the services and connections are restored.
Related Topics
•
•
•
5
On the WSA, add the
exported ISE Admin and
pxGrid certificates.
exported ISE Admin and
pxGrid certificates.
•
Upload the ISE Admin and pxGrid certificates for each ISE server
you are configuring on this WSA. See
you are configuring on this WSA. See
.
–
If using a single self-signed certificate for both ISE Admin and
pxGrid, upload the file twice, once each in the ISE Admin
Certificate and ISE pxGrid Certificate fields. See
pxGrid, upload the file twice, once each in the ISE Admin
Certificate and ISE pxGrid Certificate fields. See
–
If using CA-signed certificates, be sure the Certificate Authority
that signed each pair of ISE certificates is listed in the Trusted
Root Certificates list on the WSA. If not, import the CA root
certificate. See
that signed each pair of ISE certificates is listed in the Trusted
Root Certificates list on the WSA. If not, import the CA root
certificate. See
.
Note
If the ISE Admin and pxGrid certificates are signed by your
Root CA certificate, be sure to upload Root CA certificate
itself to the ISE Admin Certificate and ISE pxGrid Certificate
fields on the WSA (Network > Identity Services Engine).
Root CA certificate, be sure to upload Root CA certificate
itself to the ISE Admin Certificate and ISE pxGrid Certificate
fields on the WSA (Network > Identity Services Engine).
6
Complete configuration of
the WSA for ISE access
and logging.
the WSA for ISE access
and logging.
•
.
•
Add the custom field
%m
to the Access Logs to log the Authentication
mechanism –
.
•
Verify that the ISE Service Log was created; if it was not, create it –
.
•
Ensure the ISE Service Log was created; if not, add it –
.
•
Define Identification Profiles that access ISE for user identification
and authentication –
and authentication –
.
•
Configure access policies that utilize ISE identification to define
criteria and actions for user requests –
criteria and actions for user requests –
.
Step
Task
Links to Related Topics and Procedures