Cisco ISE integration for Remote Authentication (TACACS+)

Hi team,

At a PoC last week, did an integration of ECA with Cisco ISE (TACACS+) for remoteAuth; sharing it with the wider group:

//Under Remote Authentication >> Methods; select TACACS+; configure host, secret, timeout

//Once you save, select ‘Obtain privileges level from remote server’:


//Configuration on Cisco ISE: Created ‘network devices’ for the ExtraHop devices:

//Bound them to a policy name of “ExtraHop” and gave them a type of “ExtraHop” to be used within the policies.

//Created 2 TACACS Profiles, one for a ReadOnly type and another for a ReadWrite FULL access.

//“Write Access” profile is as per below:

//“Read Only” profile is as per below:

//This all then forms the policy:

1 Like