At a PoC last week, did an integration of ECA with Cisco ISE (TACACS+) for remoteAuth; sharing it with the wider group:
//Under Remote Authentication >> Methods; select TACACS+; configure host, secret, timeout
//Once you save, select ‘Obtain privileges level from remote server’:
//Configuration on Cisco ISE: Created ‘network devices’ for the ExtraHop devices:
//Bound them to a policy name of “ExtraHop” and gave them a type of “ExtraHop” to be used within the policies.
//Created 2 TACACS Profiles, one for a ReadOnly type and another for a ReadWrite FULL access.
//“Write Access” profile is as per below:
//“Read Only” profile is as per below:
//This all then forms the policy: