Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
David_Brodin
Contributor

Cisco ISE pxGrid identity parsing and population in gateway

Hi all

In the spring this year (2020), before Corona happened, we were implementing dot1x in the network with Cisco ISE, and also wanted to leverage Identity Awareness for access to servers and whatnot. We were also having issues with machine identities from ISE and Identity Collector.

I found that Cisco had created a very good example set on github, I used that project as a beginning for mine and created cp-pxgrid.

cp-pxgrid connects to the pxGrid network and parses information sent out there, looks for machine authentications and sends the information such as machine name and all provided IP-addresses, either IPv4 or IPv6, to participating gateways. The provided SGT from ISE is also sent as a group to the gateways.

Do note that I've since changed employer and don't have a CP/ISE environment to develop and test on.

Please, do enjoy, fork and change or contribute freely. Most if not all pull requests will be accepted.

It is easily changed to look for user authentications aswell, but our use was for machine authentications.

cp-pxgrid based on pxgrid-rest-ws

0 Kudos
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events