The Cisco pxGrid integration for Lumeta 3.3 and later, enables you to exchange context with Cisco products to retrieve endpoint, identity group, security group, and session data from a Cisco ISE server. The session data (only) is correlated by IP across Cisco and Lumeta, providing additional session data on the Lumeta side. Endpoint, identity group, and security group data is the same from both Cisco and Lumeta, only the GUI is different.
To make use of this integration, your network must be running the Cisco pxGrid agent and be monitored by Lumeta. You'll also need the following:
- Login credentials to your organization's Cisco ISE server
- Filename and password of the keystore certificate to Cisco ISE server
- Filename and password truststore certificate to Cisco ISE server
Ask your Cisco pxGrid server admin for this information if you do not have it already.
Configuring the Cisco pxGrid Integration
To enable the Cisco pxGrid integration from Lumeta's GUI:
- Browse to Settings > Integrations.
- Click Other Solutions > Cisco.
- Establish that Lumeta is certified to receive Cisco pxGrid notifications by completing the form and clicking Submit:
- Server Name - IP of Cisco pxGrid server
- Username - User account associated with the Cisco pxGrid server
- Password - User's password to the server
- Version - Version of Cisco pxGrid which is populated by default
- Keystore File - Cisco server cert
- Keystore Password - Cisco server password
- Truststore File - Cisco server cert
- Truststore Password - Cisco server passwor
The message "configuration saved" will display.
Enable the Cisco pxGrid Integration
When you're ready to receive Cisco ISE data, power on the integration.
- Return to Settings > Integrations > Other Solutions > Cisco.
- Toggle the slider to "On."
Validate the Feed
Confirm that data from Cisco ISE is available.
Browse to Settings > Tables.
- Search on Cisco.
The "session" data as well as other tables of data from Cisco display.
Cisco pxGrid data is available in tables, dashboard widgets, and device details as follows:
- Click Settings > Tables > Search on Cisco > View to open the table and view session fields.
- Right-click any linked IP address and select Click Device Details > Pxgrid IP Sessions tab to view session data for pxGrid IP.
- Click Dashboards > Cisco pxGrid > to populate Session, Identify Group, Security Group, and Endpoint table data.
pxGrid Device Details
A subset of Cisco pxGrid data is also available in Search > Device details with the following properties. More information and an example will be added here; pxGrid Device Details cannot be displayed in our test environment at this time.
- IP address
- Session state
- Last updated
- Radias av pairs