Home > Cisco > Interface > Cisco Ise 13 User Guide

Cisco Ise 13 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Ise 13 User Guide. The Cisco manuals for Interface are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 671

    Page 671 CHAPTER 25 Monitoring and Troubleshooting •MonitoringandTroubleshootingServiceinCiscoISE,page625 •DeviceConfigurationforMonitoring,page627 •NetworkProcessStatus,page627 •NetworkAuthentications,page628 •ProfilerActivityandProfiledEndpoints,page628 •TroubleshootingtheProfilerFeed,page629 •PostureCompliance,page629 •CiscoISEAlarms,page630 •LogCollection,page641 •LiveAuthentications,page641 •GlobalSearchforEndpoints,page643 •SessionTraceforanEndpoint,page644 •AuthenticationSummaryReport,page646... 
    CHAPTER 25
Monitoring and Troubleshooting
•MonitoringandTroubleshootingServiceinCiscoISE,page625
•DeviceConfigurationforMonitoring,page627
•NetworkProcessStatus,page627
•NetworkAuthentications,page628
•ProfilerActivityandProfiledEndpoints,page628
•TroubleshootingtheProfilerFeed,page629
•PostureCompliance,page629
•CiscoISEAlarms,page630
•LogCollection,page641
•LiveAuthentications,page641
•GlobalSearchforEndpoints,page643
•SessionTraceforanEndpoint,page644
•AuthenticationSummaryReport,page646...

    Page 672

    Page 672 •Troubleshooting—Providescontextualguidanceforresolvingaccessissuesonnetworks.Youcanthen addressuserconcernsandprovidearesolutioninatimelymanner. •Reporting—Providesacatalogofstandardreportsthatyoucanusetoanalyzetrendsandmonitorsystem performanceandnetworkactivities.Youcancustomizereportsinvariouswaysandsavethemforfuture use. Cisco ISE Dashboard TheCiscoISEdashboard,orhomepage(Home>Summary),isthelandingpagethatappearsafteryoulog... 
    •Troubleshooting—Providescontextualguidanceforresolvingaccessissuesonnetworks.Youcanthen
addressuserconcernsandprovidearesolutioninatimelymanner.
•Reporting—Providesacatalogofstandardreportsthatyoucanusetoanalyzetrendsandmonitorsystem
performanceandnetworkactivities.Youcancustomizereportsinvariouswaysandsavethemforfuture
use.
Cisco ISE Dashboard
TheCiscoISEdashboard,orhomepage(Home>Summary),isthelandingpagethatappearsafteryoulog...

    Page 673

    Page 673 DescriptionProcess Stage NADperformsanauthorizationorflexauthorization.1 Anunknownagentlessidentityisprofiledwithwebauthorization.2 RADIUSserverauthenticatesandauthorizestheidentity.3 Authorizationisprovisionedfortheidentityattheport.4 Unauthorizedendpointtrafficisdropped.5 User Roles and Permissions for Monitoring and Troubleshooting Capabilities Monitoringandtroubleshootingcapabilitiesareassociatedwithdefaultuserroles.Thetasksyouareallowed toperformaredirectlyrelatedtoyourassigneduserrole. Data Stored... 
    DescriptionProcess Stage
NADperformsanauthorizationorflexauthorization.1
Anunknownagentlessidentityisprofiledwithwebauthorization.2
RADIUSserverauthenticatesandauthorizestheidentity.3
Authorizationisprovisionedfortheidentityattheport.4
Unauthorizedendpointtrafficisdropped.5
User Roles and Permissions for Monitoring and Troubleshooting Capabilities
Monitoringandtroubleshootingcapabilitiesareassociatedwithdefaultuserroles.Thetasksyouareallowed
toperformaredirectlyrelatedtoyourassigneduserrole.
Data Stored...

    Page 674

    Page 674 Monitor Network Process Status Procedure Step 1GototheCiscoISEDashboard. Step 2ExpandtheSystemSummarydashlet.Adetailedreal-timereportappears. Step 3Reviewthefollowinginformationfortheprocessesthatarerunningonthenetwork: •Nameoftheprocess •CPUandmemoryutilization •Timesinceprocessstartedrunning Network Authentications YoucanviewthepassedandfailednetworkauthenticationsfromtheAuthenticationsdashlet.Itprovidesdata... 
    Monitor Network Process Status
Procedure
Step 1GototheCiscoISEDashboard.
Step 2ExpandtheSystemSummarydashlet.Adetailedreal-timereportappears.
Step 3Reviewthefollowinginformationfortheprocessesthatarerunningonthenetwork:
•Nameoftheprocess
•CPUandmemoryutilization
•Timesinceprocessstartedrunning
Network Authentications
YoucanviewthepassedandfailednetworkauthenticationsfromtheAuthenticationsdashlet.Itprovidesdata...

    Page 675

    Page 675 currentlyactiveonthenetwork.Sparklinemetricsatthetopofthedashletshowtimespecificvaluesforthe last24hoursand60minutes. Determine Profiler Activity and Profiled Endpoints Procedure Step 1GototheCiscoISEDashboard. Step 2IntheProfilerActivitydashlet,hoveryourcursoroverastackbarorsparkline. Atooltipprovidesdetailedinformation. Step 3Expandthedatacategoriesformoreinformation. Step 4ExpandtheProfilerActivitydashlet. Adetailedreal-timereportappears. Troubleshooting the Profiler Feed... 
    currentlyactiveonthenetwork.Sparklinemetricsatthetopofthedashletshowtimespecificvaluesforthe
last24hoursand60minutes.
Determine Profiler Activity and Profiled Endpoints
Procedure
Step 1GototheCiscoISEDashboard.
Step 2IntheProfilerActivitydashlet,hoveryourcursoroverastackbarorsparkline.
Atooltipprovidesdetailedinformation.
Step 3Expandthedatacategoriesformoreinformation.
Step 4ExpandtheProfilerActivitydashlet.
Adetailedreal-timereportappears.
Troubleshooting the Profiler Feed...

    Page 676

    Page 676 Check Posture Compliance Procedure Step 1GototheCiscoISEDashboard. Step 2InthePostureCompliancedashlet,hoveryourcursoroverastackbarorsparkline. Atooltipprovidesdetailedinformation. Step 3Expandthedatacategoriesformoreinformation. Step 4ExpandthePostureCompliancedashlet. Adetailedreal-timereportappears. Cisco ISE Alarms AlarmsnotifyyouofcriticalconditionsonanetworkandaredisplayedintheAlarmsdashlet.Theyalso provideinformationonsystemactivities,suchasdatapurgeevents.Youcanconfigurehowyouwanttobe... 
    Check Posture Compliance
Procedure
Step 1GototheCiscoISEDashboard.
Step 2InthePostureCompliancedashlet,hoveryourcursoroverastackbarorsparkline.
Atooltipprovidesdetailedinformation.
Step 3Expandthedatacategoriesformoreinformation.
Step 4ExpandthePostureCompliancedashlet.
Adetailedreal-timereportappears.
Cisco ISE Alarms
AlarmsnotifyyouofcriticalconditionsonanetworkandaredisplayedintheAlarmsdashlet.Theyalso
provideinformationonsystemactivities,suchasdatapurgeevents.Youcanconfigurehowyouwanttobe...

    Page 677

    Page 677 Alarm ResolutionAlarm DescriptionAlarm Name Checkthenetworkconnectivity betweenCiscoISEandtherepository. Ensurethat: •Thecredentialsusedforthe repositoryiscorrect. •Thereissufficientdiskspacein therepository. •Therepositoryuserhaswrite privileges. TheISEbackupoperationfailed.BackupFailed ChecktomakesurethattheCA servicesareupandrunningontheCA server. CAserverisdown.CAServerisdown Anotificationtoinformthe administratorthattheCAserverisup. CAserverisup.CAServerisUp Replacethecertificate.Foratrust... 
    Alarm ResolutionAlarm DescriptionAlarm Name
Checkthenetworkconnectivity
betweenCiscoISEandtherepository.
Ensurethat:
•Thecredentialsusedforthe
repositoryiscorrect.
•Thereissufficientdiskspacein
therepository.
•Therepositoryuserhaswrite
privileges.
TheISEbackupoperationfailed.BackupFailed
ChecktomakesurethattheCA
servicesareupandrunningontheCA
server.
CAserverisdown.CAServerisdown
Anotificationtoinformthe
administratorthattheCAserverisup.
CAserverisup.CAServerisUp
Replacethecertificate.Foratrust...

    Page 678

    Page 678 Alarm ResolutionAlarm DescriptionAlarm Name Thecertificateisnotvalidonthe secondarynode,orthereissomeother permanenterrorcondition.Checkthe secondarynodeforapre-existing, conflictingcertificate.Iffound,delete thepre-existingcertificateonthe secondarynode,andexportthenew certificateontheprimary,deleteit,and importitinordertoreattempt replication. Certificatereplicationtosecondarynode failed CertificateReplication Failed Thecertificatewasnotreplicatedtoa secondarynodeduetoatemporary... 
    Alarm ResolutionAlarm DescriptionAlarm Name
Thecertificateisnotvalidonthe
secondarynode,orthereissomeother
permanenterrorcondition.Checkthe
secondarynodeforapre-existing,
conflictingcertificate.Iffound,delete
thepre-existingcertificateonthe
secondarynode,andexportthenew
certificateontheprimary,deleteit,and
importitinordertoreattempt
replication.
Certificatereplicationtosecondarynode
failed
CertificateReplication
Failed
Thecertificatewasnotreplicatedtoa
secondarynodeduetoatemporary...

    Page 679

    Page 679 Alarm ResolutionAlarm DescriptionAlarm Name ContactCiscoTechnicalAssistance Centertoobtainfirmwareupdate Afirmwareupdateisrequiredonthis host. FirmwareUpdate Required Ensurethataminimumrequirements fortheVMhost,asspecifiedinthe CiscoISEHardwareInstallationGuide. VirtualMachine(VM)resourcessuch asCPU,RAM,DiskSpace,orIOPSare insufficientonthishost. InsufficientVirtual MachineResources Thiscouldbebecausethereisalarge timedifferencebetweenNTPserver andCiscoISEnode(morethan1000s).... 
    Alarm ResolutionAlarm DescriptionAlarm Name
ContactCiscoTechnicalAssistance
Centertoobtainfirmwareupdate
Afirmwareupdateisrequiredonthis
host.
FirmwareUpdate
Required
Ensurethataminimumrequirements
fortheVMhost,asspecifiedinthe
CiscoISEHardwareInstallationGuide.
VirtualMachine(VM)resourcessuch
asCPU,RAM,DiskSpace,orIOPSare
insufficientonthishost.
InsufficientVirtual
MachineResources
Thiscouldbebecausethereisalarge
timedifferencebetweenNTPserver
andCiscoISEnode(morethan1000s)....

    Page 680

    Page 680 Alarm ResolutionAlarm DescriptionAlarm Name Ensurethenetworkconnectivity betweenCiscoISEandtherepository. Ensurethatthecredentialsusedforthe repositoryiscorrect.Ensurethatthe backupfileisnotcorrupted.Execute thereset-configcommandfromthe CLIandrestorethelastknowngood backup. CiscoISErestoreoperationfailed.RestoreFailed Re-installthepatchprocessonthe server. Apatchprocesshasfailedontheserver.PatchFailure -Apatchprocesshassucceededonthe server. PatchSuccess EnsurethattheMDMserverAPI... 
    Alarm ResolutionAlarm DescriptionAlarm Name
Ensurethenetworkconnectivity
betweenCiscoISEandtherepository.
Ensurethatthecredentialsusedforthe
repositoryiscorrect.Ensurethatthe
backupfileisnotcorrupted.Execute
thereset-configcommandfromthe
CLIandrestorethelastknowngood
backup.
CiscoISErestoreoperationfailed.RestoreFailed
Re-installthepatchprocessonthe
server.
Apatchprocesshasfailedontheserver.PatchFailure
-Apatchprocesshassucceededonthe
server.
PatchSuccess
EnsurethattheMDMserverAPI...
    Start reading Cisco Ise 13 User Guide

    Related Manuals for Cisco Ise 13 User Guide

    All Cisco manuals