In this post, I'm going to go through Rapid Threat Containment utilizing both ISE and Firepower. The pre-requirements in order to do this is to have configured pxGrid between ISE and the Firepower Management Center (FMC) prior. If you would like to know how to do so, I went over how to do it with self-signed certificates in this post here or CA-signed certificates in this post here.
StealthWatch 6.8 and ISE Integration with Self-Signed Certificate
I'm going to go over integration ISE 2.1 and Stealthwatch via pxGrid with self-signed certificates. I personally like using CA-Signed certificates for my deployment because if I ever need to rebuild an ISE instance or pxGrid client, it's extremely easy to get it up and running again with a CA-signed certificate but this isn't always the ideal situation for everyone. For those without a PKI infrastructure or for lab environments, it's pretty easy to set up pxGrid integration without an external PKI infrastructure.
Firepower 6.0 pxGrid Integration with ISE - Self-signed Certificates
ISE 2.1 and WSA pxGrid Integration with Self-Signed Certificates
Firepower 6.0 pxGrid Integration with ISE - CA-Signed Certificate
In this post, I'm going to go through the configuration of Firepower v6.0.x for pxGrid integration with ISE using CA-signed certificates. In future posts, I'm planning on going through the configuration for both Firepower 5.4 and 6.0 using both self-signed and CA-signed certificates. The reason I plan on doing that is because they are slightly different and it's important to know this.
ISE 2.1 and WSA pxGrid Integration with CA-Signed Certificates
This blog post is going to be going over integration ISE 2.1 and WSA via pxGrid with CA-signed certificates. I personally like using CA-Signed certificates for my deployment because if I ever need to rebuild an ISE instance or pxGrid client, it's extremely easy to get it up and running again with a CA-signed certificate.
StealthWatch 6.8 and ISE Integration with CA-Signed Certificate
In this blog post, I'll go over StealthWatch and ISE integration with pxGrid. With this integration, ISE will share contextual information such as username and device information with StealthWatch and it adds the ability to do rapid threat containment to quarantine misbehaving endpoints. I'm going to use a CA-signed certificate in this post and later I'll add a post with self-signed certificates.