Manualsbrain.com
  1. マニュアル
  2. ブランド
  3. Cisco
  4. Cisco Web Security Appliance S670
  5. ユーザーガイド

Cisco Cisco Web Security Appliance S670 ユーザーガイド

ダウンロード
ページ / 466
8-5
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
 
Chapter 8      Integrate the Cisco Identity Services Engine
  Connect to the Identity Services Engine Service
Related Topics
Connect to the Identity Services Engine Service
Before You Begin
Be sure each ISE server is configured appropriately for WSA access; see 
.
Obtain ISE server connection information.
Obtain valid ISE-related certificates (client, Portal and pxGrid) and keys. See also 
 for related information.
Step 1
Choose Network > Identification Service Engine.
Step 2
Click Edit Settings
Step 3
Check Enable ISE Service.
Step 4
Identify the Primary ISE pxGrid Node using its host name or IPv4 address.
a.
Provide an ISE pxGrid Node Certificate for WSA-ISE data subscription (on-going queries to the 
ISE server).
Browse to and select the certificate file, and then click Upload File. See 
 for additional information. 
Step 5
If using a second ISE server for failover, identify the Secondary ISE pxGrid Node using its host name 
or IPv4 address.
a.
Provide the secondary ISE pxGrid Node Certificate.
Browse to and select the certificate file, and then click Upload File. See 
 for additional information.
Note
During failover from primary to secondary ISE servers, any user not in the existing ISE SGT 
cache will be required to authenticate, or will be assigned Guest authorization, depending on 
your WSA configuration. After ISE failover is complete, normal ISE authentication resumes.
Step 6
Upload the ISE Monitoring Node Admin Certificates:
a.
Provide the Primary ISE Monitoring Node Admin Certificate for use in bulk download of ISE 
user-profile data to the WSA.
Browse to and select the certificate file, and then click Upload File. See 
 for additional information.
b.
If using a second ISE server for failover, provide the Secondary ISE Monitoring Node 
Admin Certificate.