jorper
New Member.
522 views

Sentinel and Cisco ISE?


I found this old "'News' (http://tinyurl.com/ozyzv49)" about Cisco ISE
and Sentinel. Is there anyone who can tell me what this means?

-
Now compatible with Cisco ISE, NetIQ Sentinel 7.2 provides
network and security analysts the 'identity context' they need to
rapidly assess the significance of security events, decreasing the time
required to detect, assess and respond to security events.
-
Is there a Cisco ISE-collector on the way, are the ISE syslogs
Sentinelified or is it just Corp bullsh*t?


--
jorper
------------------------------------------------------------------------
jorper's Profile: https://forums.netiq.com/member.php?userid=3529
View this thread: https://forums.netiq.com/showthread.php?t=54449

0 Likes
4 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Sentinel and Cisco ISE?

I presume this refers to the ability to capture Netflow data directly form
Cisco about that time period. When you view events, if you have Netflow
data present, that can show up as well giving you more analysis of the
events as they were seen from network devices at the same time as other
systems.

https://www.netiq.com/documentation/sentinel-73/s73_admin/data/b18nsp0k.html

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
elfstone2 Absent Member.
Absent Member.

Re: Sentinel and Cisco ISE?


ab;261562 Wrote:
> I presume this refers to the ability to capture Netflow data directly
> form
> Cisco about that time period. When you view events, if you have
> Netflow
> data present, that can show up as well giving you more analysis of the
> events as they were seen from network devices at the same time as other
> systems.
>
> ------------------------
>
> There is a separate, specialized collector manager for Sentinel called
> the Netflow Collector Manager. This is unrelated to the Cisco ISE +
> Sentinel partnership that was mentioned at BrainShare 2014. An early
> Cisco ISE "Solution Pack" was released to the Sentinel Plugin site's
> "Preview" section around that same time, but it has not been revv'd or
> promoted to the Officially Supported section in the past year since.
>
>
> - Stefan



--
Elfstone2
------------------------------------------------------------------------
Elfstone2's Profile: https://forums.netiq.com/member.php?userid=5535
View this thread: https://forums.netiq.com/showthread.php?t=54449

0 Likes
Knowledge Partner
Knowledge Partner

Re: Sentinel and Cisco ISE?

Am 14.10.2015 um 12:54 schrieb jorper:
>
> Is there a Cisco ISE-collector on the way, are the ISE syslogs
> Sentinelified or is it just Corp bullsh*t?



Here's what Cisco has to say (the link on Netiq's page is dead), which
is a bit more to the core of it.

https://marketplace.cisco.com/catalog/companies/4670/products/netiq-sentinel

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Sentinel and Cisco ISE?


The Sentinel and Cisco ISE Integration feature is available for preview.

Supported Platforms

- ISE 1.3
- pxGrid 1.0.0
- Sentinel 7.2.1 or later


This feature has the following components:

*Sentinel and ISE pxGrid Integration Service* - this is a standalone
integration component developed to capture session notifications sent
from Cisco ISE through pxGrid and updates Sentinel maps to enrich
events with User Identity Information. This component can be
downloaded from the Sentinel Plug-ins Preview wesbite. Here is the
direct link - http://tinyurl.com/ombl6h4, doc -
http://tinyurl.com/pfd2cjj


*ISE pxGrid Solution Pack* - Uses the contextual information received
from the Sentinel and ISE pxGrid integration component to detect high
risk activities unsafe devices. See, http://tinyurl.com/omm8b2g. This
Solution Pack is also available in the preview website, here is the
direct link - http://tinyurl.com/ndlrvmw


Many Thanks,
Saradha.S


--
ssankarnarayanan
------------------------------------------------------------------------
ssankarnarayanan's Profile: https://forums.netiq.com/member.php?userid=405
View this thread: https://forums.netiq.com/showthread.php?t=54449

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.