Cisco Cisco Web Security Appliance S360 Guida Utente
C H A P T E R
8-1
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
8
Integrate the Cisco Identity Services Engine
•
•
•
•
•
Overview of the Identity Services Engine Service
Cisco’s Identity Services Engine (ISE) is an application that runs on separate servers in your network to
provide enhanced identity management. AsyncOS can access user-identity information from an ISE
server. If configured, user names and associated Secure Group Tags will be obtained from the Identity
Services Engine for appropriately configured Identification Profiles, to allow transparent user
identification in policies configured to use those profiles.
provide enhanced identity management. AsyncOS can access user-identity information from an ISE
server. If configured, user names and associated Secure Group Tags will be obtained from the Identity
Services Engine for appropriately configured Identification Profiles, to allow transparent user
identification in policies configured to use those profiles.
Note
The ISE service is not available in Connector mode.
Related Topics
•
•
About pxGrid
Cisco’s Platform Exchange Grid (pxGrid) enables collaboration between components of the network
infrastructure, including security-monitoring and network-detection systems, identity and access
management platforms, and so on. These components can use pxGrid to exchange information via a
publish/subscribe method.
infrastructure, including security-monitoring and network-detection systems, identity and access
management platforms, and so on. These components can use pxGrid to exchange information via a
publish/subscribe method.
There are essentially three pxGrid components: the pxGrid publisher, the pxGrid client, and the
pxGrid controller.
pxGrid controller.
•
pxGrid publisher – Provides information for the pxGrid client(s).
•
pxGrid client – Any system, such as the Web Security appliance, that subscribes to published
information; in this case, Security Group Tag (SGT) and user-group and profiling information.
information; in this case, Security Group Tag (SGT) and user-group and profiling information.