Cisco Security Suite 3.0.1 – Now with ISE

Security Jason Conger

The Cisco Security Suite was recently updated to work with Splunk 6. As mentioned in the previous release, one release is not enough to get all the Cisco security-related information integrated into the suite. With version 3.0.1 of the Cisco Security Suite, Cisco Identity Services Engine (ISE) has been added. Over 20 ISE-related dashboards have been integrated into the suite.

Cisco with ISE

ISE is really powerful and adds a lot of additional data that can be correlated. For instance, say you have an IP address from somewhere in your environment. ISE can tell you which user is using that IP, what type of device the user is using, the posture of the device, and much more. Therefore, in addition to ISE being integrated into the Cisco Security Suite, a separate application has been published that focuses only on ISE.

Download Cisco Security Suite 3.0.1 here -> http://apps.splunk.com/app/525/

Download the ISE-only app here -> http://apps.splunk.com/app/1589/
