Cisco Platform Exchange Grid Cloud

Today we rely on multiple technology solutions to meet the security and reliability needs of our network. Cisco Platform Exchange Grid (pxGrid) Cloud bridges the gap created by these siloed applications by providing a unified framework that enables seamless data integration between various cloud applications and on-premise Cisco Identity Services Engine (Cisco ISE). pxGrid Cloud is customizable, enabling you to share and consume only the data that is relevant to your situation.

ISE customers with Advantage license can register their on-premise ISE deployment with pxGrid Cloud. ISE Release 3.1 Patch 3 and later support pxGrid Cloud. Cisco and its partners can develop pxGrid Cloud-based applications and register them with the pxGrid Cloud offer. These applications use the External RESTful Services (ERS) and pxGrid APIs to exchange information with Cisco ISE. The use cases addressed vary by the application that is onboarded. To learn more about specific application integrations, login here.

We invite partners to onboard their applications to pxGrid Cloud and utilize all the benefits that it offers. For example, you can create an app that can retrieve the session and endpoint data from ISE.

Cisco pxGrid Cloud offers the following benefits:

  • Secure connection to the internet for cloud ecosystem integration.
  • Plug and play deployment without requiring infrastructure changes to your network.
  • Cisco ISE as a single source of truth for endpoint identity by delivering consistent context exchange with on-prem and cloud partners.
  • Enrichment of SaaS-based security analysis with real-time endpoint context from on-prem security products.
  • Threat containment by isolating endpoints from the network through actions initiated from the security SaaS solutions.

Important Terms

  • Offer: A set of capabilities packaged together and offered as a solution.
  • App: An app connector or application service catalogue entry in pxGrid Cloud App Store.
  • Customer: A user who integrates their ISE deployment with the pxGrid Cloud.
  • Developing Partner: A user who will be developing an application service.
  • Tenant: An organization is represented as a tenant. Sometimes, an organization can have more than one tenant (for different business units or different locations).
  • Subscription: An instance of an offer being consumed by a tenant is a subscription.
  • Device: A device (also called as a product) is any on-prem asset (physical or virtual). A Cisco ISE deployment is a device for pxGrid Cloud.

pxGrid Cloud Onboarding

The Cisco pxGrid Cloud Onboarding Guide walks partners through the onboarding process for pxGrid Cloud.

pxGrid Cloud Onboarding Elements

Note: The pxGrid Cloud SDK is only available in Go. If you are using Go for development, the SDK is recommended. For development in languages other than Go, the API can be directly accessed.

This document is for developers and onboarding partners. We recommend that other users refer to the pxGrid Cloud Solution Guide to configure pxGrid Cloud.

User Legacy Flow Simplified Flow (Cisco ISE Release 3.4 Patch 1)
Onboarding Partner
  • Cloud: Create Cisco Account
  • App: Request for new App ID
  • App: Develop with SDK or API
  • Cloud: Activate App at dna.cisco.com
  • App: Link tenant with OTP
  • Cloud: Add ISE at dna.cisco.com
  • ISE: Connect to pxGrid Cloud with OTP
  • Cloud: Create Cisco Account
  • App: Request for new App ID
  • App: Develop with SDK or API
  • ISE: Connect to pxGrid Cloud
  • ISE: Activate App from Integration Catalog
  • App: Link tenant with OTP
  • Cloud: Add ISE to App
Other Users
  • Cloud: Create Cisco Account
  • Cloud: Activate App at dna.cisco.com
  • App: Link tenant with OTP
  • Cloud: Add ISE at dna.cisco.com
  • ISE: Connect pxGrid Cloud with OTP
  • Cloud: Add ISE to App
  • ISE: Create Cisco Account
  • ISE: Connect to pxGrid Cloud
  • ISE: Activate App from Integration Catalog
  • App: Link tenant with OTP

Continue to the next section to start the pxGrid Cloud onboarding journey.