Integrate Cisco Cyber Vision with Cisco Identity Services Engine (ISE)

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: August 9, 2024

Chapter: Cisco Cyber Vision and Cisco ISE Integrations

Cisco Cyber Vision and Cisco ISE Integrations

Cisco Cyber Vision and Cisco ISE Integrations

A Cisco Cyber Vision and Cisco ISE integration is a network security solution that

combines full operational technology (OT) visibility with device identity management,
enables implementation of software-defined segmentation strategies for industrial networks, and
enables you to automatically synchronize asset and endpoint data between Cisco Cyber Vision and Cisco ISE.
enables automatic synchronization of subnet-based groups and user-defined groups with Security Group Tags (SGTs) from Cisco Cyber Vision to Cisco Identity Services Engine (ISE). Using the Cisco ISE API, Cisco Cyber Vision can securely communicate and synchronize IP-to-SGT mappings, ensuring that security policies remain accurate and up-to-date across the network.

Integration details and workflow

Integrating Cisco Cyber Vision with Cisco ISE allows you to define network segments using industrial asset data collected by Cisco Cyber Vision. It also enables you to create dynamic security groups in Cisco ISE. These groups can be enforced across the network using Cisco TrustSec, increasing operational efficiency and security.

Component data from Cisco Cyber Vision is mapped to endpoint data in Cisco ISE. While many attributes have equivalents, you may need custom endpoint attributes to record all asset details. If there are changes to asset data in Cisco Cyber Vision, the updates are automatically synchronized with Cisco ISE, ensuring information consistency.

Example

If you add or modify component properties in Cisco Cyber Vision, the associated endpoint attributes in Cisco ISE update automatically, supporting real-time security enforcement and network segmentation.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)