Cisco ISE connector provides actions like, list all active sessions, quarantine IP/Mac address, un-quarantine IP/Mac address etc.
This document provides information about the Cisco ISE connector, which facilitates automated interactions, with a Cisco ISE server using FortiSOAR™ playbooks. Add the Cisco ISE connector as a step in FortiSOAR™ playbooks and perform automated operations with Cisco ISE.
Connector Version: 2.1.1
Authored By: Community
Certified: No
Following enhancements have been made to the Cisco ISE connector in version 2.1.1:
error 406 when the response format was set to JSON.Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-cisco-ise
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Cisco ISE connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | Specify the IP address or FQDN of the Cisco ISE server to which you will connect and perform the automated operations. |
| Username | Specify the username to access the Cisco ISE to which you will connect and perform the automated operations. |
| Password | Specify the password to access the Cisco ISE server to which you will connect and perform the automated operations. |
| ERS Port | The External RESTful Services (ERS) is a REST API based on HTTPS over port 9060. This is required to be specified for ERS API operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
You can use the following automated operations in playbooks and also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| List All Active Sessions | Retrieves a list of all active sessions from Cisco ISE. | list_active_sessions Investigation |
| Get Internal User Details | Retrieves details of an internal user fromCisco ISE based on the user ID you have specified. | get_internal_user_details Investigation |
| List Internal Users | Retrieves all internal users or specific internal users from Cisco ISE based on your specified input parameters. | list_internal_users Investigation |
| Disable Internal User | Sets the status of an internal user to 'Disabled' in Cisco ISE based on the username you have specified. | disable_internal_user Containment |
| Enable Internal User | Sets the status of an internal user to 'Enabled' in Cisco ISE based on the username you have specified. | enable_internal_user Containment |
| List Guest Users | Retrieves all guest users or specific guest users from Cisco ISE based on your specified input parameters. | list_guest_users Investigation |
| Get Guest User Details | Retrieves details of a guest user from Cisco ISE based on the user ID you have specified. | get_guest_user_details Investigation |
| Suspend Guest User | Suspends a guest user from Cisco ISE based on the username you have specified. | suspend_guest_user Containment |
| Reinstate Guest User | Reinstates a guest user in Cisco ISE based on the username you have specified. | reinstate_guest_user Containment |
| EPS: Quarantine IP Address | Quarantines an IP address that you have specified on Cisco ISE. | quarantine_ip Containment |
| EPS: Quarantine MAC Address | Quarantines a MAC address that you have specified on Cisco ISE. | quarantine_mac Containment |
| EPS: Un-Quarantine IP Address | Removes an IP address that you have specified from the quarantine list on Cisco ISE. | unquarantine_ip Containment |
| EPS: Un-Quarantine MAC Address | Removes a MAC address that you have specified from the quarantine list on Cisco ISE. | unquarantine_mac Containment |
| End a Target MAC Address Session | Ends a session of the MAC address that you have specified on Cisco ISE. | end_session Miscellaneous |
| MAC Address Logout | Logs off a session of the MAC address that you have specified on Cisco ISE. | log_system_off Miscellaneous |
| Get Endpoints | Retrieves details for all ERS endpoints or a specific endpoint from Cisco ISE based on the endpoint ID or name and other input parameters you have specified. | get_ise_endpoint Investigation |
| Get ANC Endpoint | Retrieves details for all Adaptive Network Control (ANC) endpoints or a specific ANC endpoint from Cisco ISE based on the ANC Endpoint ID and other input parameters you have specified. | get_anc_endpoint Investigation |
| Create ANC Policy | Creates an ANC policy in Cisco ISE based on the ANC policy name and action you have specified. | create_policy Containment |
| Get ANC Policy | Retrieves details for all ANC policies or a specific ANC policy from Cisco ISE based on the policy ID or name and other input parameters you have specified. | get_anc_policy Investigation |
| Assign ANC Policy | Assigns a specific ANC policy to a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | assign_policy Containment |
| Revoke ANC Policy | Revokes a specific ANC policy from a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | revoke_policy Remediation |
None.
The output contains the following populated JSON schema:
{
"result": {
"activeList": {
"@noOfActiveSession": ""
}
},
"request_status": ""
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the internal user whose details you want to retrieve from Cisco ISE. Note: You can find out the internal User ID by using the 'List Internal Users' action. |
The output contains the following populated JSON schema:
{
"InternalUser": {
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": "",
"enabled": "",
"lastName": "",
"password": "",
"firstName": "",
"changePassword": "",
"identityGroups": "",
"passwordIDStore": "",
"customAttributes": {
"Static-IPv4-Addr": ""
},
"expiryDateEnabled": ""
}
}
| Parameter | Description |
|---|---|
| User Name | (Optional) Specify the username of the internal user whose details you want to retrieve from Cisco ISE. |
| First Name | (Optional) Specify the first name of the internal user whose details you want to retrieve from Cisco ISE. |
| Last Name | (Optional) Specify the last name of the internal user whose details you want to retrieve from Cisco ISE. |
| Email Address | (Optional) Specify the email address of the internal user whose details you want to retrieve from Cisco ISE. |
| Size | (Optional) Specify the number of results that the operation should include per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"nextPage": {
"rel": "",
"href": "",
"type": ""
},
"resources": [
{
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Disabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Enabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| User Name | (Optional) Specify the username of the guest user whose details you want to retrieve from Cisco ISE. |
| First Name | (Optional) Specify the first name of the guest user whose details you want to retrieve from Cisco ISE. |
| Last Name | (Optional) Specify the last name of the guest user whose details you want to retrieve from Cisco ISE. |
| Email Address | (Optional) Specify the email of the guest user whose details you want to retrieve from Cisco ISE. |
| Sponsor Username | (Optional) Specify the username for the sponsor of the guest account whose details you want to retrieve from Cisco ISE. |
| Company | (Optional) Specify the company of the guest user whose details you want to retrieve from Cisco ISE. |
| Phone Number | (Optional) Specify the phone number of the guest user whose details you want to retrieve from Cisco ISE. Note: ThePhone number should be E.164 format, exp: +13211239034 |
| Size | (Optional) Specify the number of results that the operation should include per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"description": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the guest user whose details you want to retrieve from Cisco ISE. Note: You can find out the guest User ID by using the 'List Guest Users' action. |
The output contains the following populated JSON schema:
{
"GuestUser": {
"id": "",
"name": "",
"description": "",
"guestType": "",
"sponsorUserName": "",
"guestInfo": {
"userName": "",
"emailAddress": "",
"phoneNumber": "",
"password": "",
"enabled": "",
"smsServiceProvider": ""
},
"guestAccessInfo": {
"validDays": "",
"fromDate": "",
"toDate": "",
"location": ""
},
"portalId": "",
"customFields": {
"another key": "",
"some key": ""
},
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to suspend from Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to reinstate in Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to quarantine in Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | MAC address to end the session on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to log out from Cisco ISE. |
| Target Server Address | Specify the server address from which you want to log out the specified target machine. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Get Endpoint By | (Optional) Choose the method using which you want to retrieve endpoint details from Cisco ISE. You can choose between Endpoint ID or Endpoint Name. If you choose 'Endpoint ID', then you must specify the following parameter: Endpoint ID: ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. If you choose 'Endpoint Name', then you must specify the following parameter: Endpoint Name: Name of the ANC endpoint whose details you want to retrieve from Cisco ISE. If you choose 'Endpoint ID'
|
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 results per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "Get Endpoint By" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
This is the default output schema:
{
"ERSEndPoint": {
"id": "",
"name": "",
"description": "",
"mac": "",
"profileId": "",
"staticProfileAssignment": "",
"groupId": "",
"staticGroupAssignment": "",
"portalUser": "",
"identityStore": "",
"identityStoreId": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| ANC Endpoint ID | (Optional) Specify the ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. |
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "ANC Endpoint ID" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": ""
}
]
}
}
This is the default output schema:
{
"ErsAncEndpoint": {
"policyName": "",
"id": "",
"link": {
"rel": "",
"type": "",
"href": ""
},
"macAddress": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the policy that you want to create on Cisco ISE. |
| Action | Select the type of actions to be applied to the ANC policy that you want to create on Cisco ISE. You can choose from the following options: Quarantine, Portbounce, or Shutdown. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Get Policy By | (Optional) Choose the method using which you want to retrieve ANC Policies from Cisco ISE. You can choose between Policy ID or Policy Name. If you choose 'Policy ID', then you must specify the following parameter: Policy ID: ID of the ANC policy whose details you want to retrieve from Cisco ISE. If you choose 'Policy Name', then you must specify the following parameter: Policy Name: Name of the ANC policy whose details you want to retrieve from Cisco ISE. If you choose 'Policy ID'
|
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "Get Policy By" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
This is the default output schema:
{
"ErsAncPolicy": {
"id": "",
"name": "",
"actions": [],
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to apply to a specific MAC or IP address on Cisco ISE. |
| Apply To | Choose whether you want to apply the specific ANC policy to a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter: IP Address: IP Address on which you want to apply the specified policy. If you choose 'MAC Address', then you must specify the following parameter: MAC Address: MAC Address on which you want to apply the specified policy. If you choose 'MAC Address'
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to revoke from a specific MAC or IP address on Cisco ISE. |
| Revoke From | Choose whether you want to revoke the specific ANC policy from a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter: IP Address: IP Address from which you want to revoke the specified policy. If you choose 'MAC Address', then you must specify the following parameter: MAC Address: MAC Address from which you want to revoke the specified policy. If you choose 'MAC Address'
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
The Sample - Cisco ISE - 2.1.1 playbook collection comes bundled with the Cisco ISE connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ISE connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
Cisco ISE connector provides actions like, list all active sessions, quarantine IP/Mac address, un-quarantine IP/Mac address etc.
This document provides information about the Cisco ISE connector, which facilitates automated interactions, with a Cisco ISE server using FortiSOAR™ playbooks. Add the Cisco ISE connector as a step in FortiSOAR™ playbooks and perform automated operations with Cisco ISE.
Connector Version: 2.1.1
Authored By: Community
Certified: No
Following enhancements have been made to the Cisco ISE connector in version 2.1.1:
error 406 when the response format was set to JSON.Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-cisco-ise
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Cisco ISE connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | Specify the IP address or FQDN of the Cisco ISE server to which you will connect and perform the automated operations. |
| Username | Specify the username to access the Cisco ISE to which you will connect and perform the automated operations. |
| Password | Specify the password to access the Cisco ISE server to which you will connect and perform the automated operations. |
| ERS Port | The External RESTful Services (ERS) is a REST API based on HTTPS over port 9060. This is required to be specified for ERS API operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
You can use the following automated operations in playbooks and also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| List All Active Sessions | Retrieves a list of all active sessions from Cisco ISE. | list_active_sessions Investigation |
| Get Internal User Details | Retrieves details of an internal user fromCisco ISE based on the user ID you have specified. | get_internal_user_details Investigation |
| List Internal Users | Retrieves all internal users or specific internal users from Cisco ISE based on your specified input parameters. | list_internal_users Investigation |
| Disable Internal User | Sets the status of an internal user to 'Disabled' in Cisco ISE based on the username you have specified. | disable_internal_user Containment |
| Enable Internal User | Sets the status of an internal user to 'Enabled' in Cisco ISE based on the username you have specified. | enable_internal_user Containment |
| List Guest Users | Retrieves all guest users or specific guest users from Cisco ISE based on your specified input parameters. | list_guest_users Investigation |
| Get Guest User Details | Retrieves details of a guest user from Cisco ISE based on the user ID you have specified. | get_guest_user_details Investigation |
| Suspend Guest User | Suspends a guest user from Cisco ISE based on the username you have specified. | suspend_guest_user Containment |
| Reinstate Guest User | Reinstates a guest user in Cisco ISE based on the username you have specified. | reinstate_guest_user Containment |
| EPS: Quarantine IP Address | Quarantines an IP address that you have specified on Cisco ISE. | quarantine_ip Containment |
| EPS: Quarantine MAC Address | Quarantines a MAC address that you have specified on Cisco ISE. | quarantine_mac Containment |
| EPS: Un-Quarantine IP Address | Removes an IP address that you have specified from the quarantine list on Cisco ISE. | unquarantine_ip Containment |
| EPS: Un-Quarantine MAC Address | Removes a MAC address that you have specified from the quarantine list on Cisco ISE. | unquarantine_mac Containment |
| End a Target MAC Address Session | Ends a session of the MAC address that you have specified on Cisco ISE. | end_session Miscellaneous |
| MAC Address Logout | Logs off a session of the MAC address that you have specified on Cisco ISE. | log_system_off Miscellaneous |
| Get Endpoints | Retrieves details for all ERS endpoints or a specific endpoint from Cisco ISE based on the endpoint ID or name and other input parameters you have specified. | get_ise_endpoint Investigation |
| Get ANC Endpoint | Retrieves details for all Adaptive Network Control (ANC) endpoints or a specific ANC endpoint from Cisco ISE based on the ANC Endpoint ID and other input parameters you have specified. | get_anc_endpoint Investigation |
| Create ANC Policy | Creates an ANC policy in Cisco ISE based on the ANC policy name and action you have specified. | create_policy Containment |
| Get ANC Policy | Retrieves details for all ANC policies or a specific ANC policy from Cisco ISE based on the policy ID or name and other input parameters you have specified. | get_anc_policy Investigation |
| Assign ANC Policy | Assigns a specific ANC policy to a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | assign_policy Containment |
| Revoke ANC Policy | Revokes a specific ANC policy from a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | revoke_policy Remediation |
None.
The output contains the following populated JSON schema:
{
"result": {
"activeList": {
"@noOfActiveSession": ""
}
},
"request_status": ""
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the internal user whose details you want to retrieve from Cisco ISE. Note: You can find out the internal User ID by using the 'List Internal Users' action. |
The output contains the following populated JSON schema:
{
"InternalUser": {
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": "",
"enabled": "",
"lastName": "",
"password": "",
"firstName": "",
"changePassword": "",
"identityGroups": "",
"passwordIDStore": "",
"customAttributes": {
"Static-IPv4-Addr": ""
},
"expiryDateEnabled": ""
}
}
| Parameter | Description |
|---|---|
| User Name | (Optional) Specify the username of the internal user whose details you want to retrieve from Cisco ISE. |
| First Name | (Optional) Specify the first name of the internal user whose details you want to retrieve from Cisco ISE. |
| Last Name | (Optional) Specify the last name of the internal user whose details you want to retrieve from Cisco ISE. |
| Email Address | (Optional) Specify the email address of the internal user whose details you want to retrieve from Cisco ISE. |
| Size | (Optional) Specify the number of results that the operation should include per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"nextPage": {
"rel": "",
"href": "",
"type": ""
},
"resources": [
{
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Disabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Enabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| User Name | (Optional) Specify the username of the guest user whose details you want to retrieve from Cisco ISE. |
| First Name | (Optional) Specify the first name of the guest user whose details you want to retrieve from Cisco ISE. |
| Last Name | (Optional) Specify the last name of the guest user whose details you want to retrieve from Cisco ISE. |
| Email Address | (Optional) Specify the email of the guest user whose details you want to retrieve from Cisco ISE. |
| Sponsor Username | (Optional) Specify the username for the sponsor of the guest account whose details you want to retrieve from Cisco ISE. |
| Company | (Optional) Specify the company of the guest user whose details you want to retrieve from Cisco ISE. |
| Phone Number | (Optional) Specify the phone number of the guest user whose details you want to retrieve from Cisco ISE. Note: ThePhone number should be E.164 format, exp: +13211239034 |
| Size | (Optional) Specify the number of results that the operation should include per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"description": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the guest user whose details you want to retrieve from Cisco ISE. Note: You can find out the guest User ID by using the 'List Guest Users' action. |
The output contains the following populated JSON schema:
{
"GuestUser": {
"id": "",
"name": "",
"description": "",
"guestType": "",
"sponsorUserName": "",
"guestInfo": {
"userName": "",
"emailAddress": "",
"phoneNumber": "",
"password": "",
"enabled": "",
"smsServiceProvider": ""
},
"guestAccessInfo": {
"validDays": "",
"fromDate": "",
"toDate": "",
"location": ""
},
"portalId": "",
"customFields": {
"another key": "",
"some key": ""
},
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to suspend from Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to reinstate in Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to quarantine in Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | MAC address to end the session on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to log out from Cisco ISE. |
| Target Server Address | Specify the server address from which you want to log out the specified target machine. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Get Endpoint By | (Optional) Choose the method using which you want to retrieve endpoint details from Cisco ISE. You can choose between Endpoint ID or Endpoint Name. If you choose 'Endpoint ID', then you must specify the following parameter: Endpoint ID: ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. If you choose 'Endpoint Name', then you must specify the following parameter: Endpoint Name: Name of the ANC endpoint whose details you want to retrieve from Cisco ISE. If you choose 'Endpoint ID'
|
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 results per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "Get Endpoint By" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
This is the default output schema:
{
"ERSEndPoint": {
"id": "",
"name": "",
"description": "",
"mac": "",
"profileId": "",
"staticProfileAssignment": "",
"groupId": "",
"staticGroupAssignment": "",
"portalUser": "",
"identityStore": "",
"identityStoreId": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| ANC Endpoint ID | (Optional) Specify the ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. |
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "ANC Endpoint ID" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": ""
}
]
}
}
This is the default output schema:
{
"ErsAncEndpoint": {
"policyName": "",
"id": "",
"link": {
"rel": "",
"type": "",
"href": ""
},
"macAddress": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the policy that you want to create on Cisco ISE. |
| Action | Select the type of actions to be applied to the ANC policy that you want to create on Cisco ISE. You can choose from the following options: Quarantine, Portbounce, or Shutdown. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Get Policy By | (Optional) Choose the method using which you want to retrieve ANC Policies from Cisco ISE. You can choose between Policy ID or Policy Name. If you choose 'Policy ID', then you must specify the following parameter: Policy ID: ID of the ANC policy whose details you want to retrieve from Cisco ISE. If you choose 'Policy Name', then you must specify the following parameter: Policy Name: Name of the ANC policy whose details you want to retrieve from Cisco ISE. If you choose 'Policy ID'
|
| Size | (Optional) Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | (Optional) Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
Output schema when the "Get Policy By" is not specified:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
This is the default output schema:
{
"ErsAncPolicy": {
"id": "",
"name": "",
"actions": [],
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to apply to a specific MAC or IP address on Cisco ISE. |
| Apply To | Choose whether you want to apply the specific ANC policy to a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter: IP Address: IP Address on which you want to apply the specified policy. If you choose 'MAC Address', then you must specify the following parameter: MAC Address: MAC Address on which you want to apply the specified policy. If you choose 'MAC Address'
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to revoke from a specific MAC or IP address on Cisco ISE. |
| Revoke From | Choose whether you want to revoke the specific ANC policy from a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter: IP Address: IP Address from which you want to revoke the specified policy. If you choose 'MAC Address', then you must specify the following parameter: MAC Address: MAC Address from which you want to revoke the specified policy. If you choose 'MAC Address'
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
The Sample - Cisco ISE - 2.1.1 playbook collection comes bundled with the Cisco ISE connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ISE connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.