Cisco pxGrid & pxGrid Direct

Cisco Platform Exchange Grid (pxGrid) is a framework that enables organizations to build a more integrated and effective security infrastructure by allowing real-time exchange of contextual information via cross-platform, multivendor collaboration between diverse aspects of an organization’s IT infrastructure, such as IPS/IDS,, Anti-Virus Solutions, Policy platforms, asset and configuration management, and Identity and Access Management platforms, to name a few.

What is pxGrid

The pxGrid framework allows organizations to exchange contextual information with pxGrid-supported Cisco solutions, such as Cisco ISE, Cisco Secure Endpoint (CSE), and Cisco Secure Network Analytics (CSNA), as well as ecosystem partners. pxGrid is an open framework that supports standards-based APIs and protocols, which allows it to easily integrate with both Cisco and third-party security solutions, as well as provide an extensible architecture that allows development teams to build custom applications and services on top of the platform.

With pxGrid, integration is enabled from a single pxGrid integration point, which allows for the sharing of contextual information bidirectionally or unidirectionally without the need to utilize platform APIs at each integration point.

The solution is also secure and can be customized to the needs of the organization, allowing partners to share certain parts of their infrastructure and, in turn, only ingest contextual data relevant to the needs of the business.

The ability to seamlessly integrate allows the organizations’ existing security solutions to work together more effectively to bolster each other, which ensures minimal gaps in security coverage.

pxGrid also facilitates the real-time exchange of contextual information, such as user identity, device posture, authentication status, security events, and threat intelligence, between different security and network platforms, which, in turn, enables faster threat detection, automated policy enforcement and more efficient incident response actions across the network.

The solution is also scalable, which allows it to adapt and grow alongside the needs of the business. In addition to flexibility, pxGrid offers centralized management for the configuration and management to simplify the integration process, as well as allow administrators to control access to sensitive information and effectively enforce security policies.

CMDB and Cisco ISE pxGrid Direct

Configuration Management Database (CMDB) refers to a database used by an organization to store information around hardware and software assets, referred to as Configuration Items (CIs). CMDB solutions provide insight into assets and how they’re connected company-wide, which is then utilized for, but not limited to:

• Service Impact Analysis
• Root Cause Analysis
• Identifying Vulnerabilities
• Proactive Identification of Potential Vulnerabilities
• Service Impact Analysis

CIs can refer to, but is not limited to:

• Unique Identifiers
• Model #, Hostname
• Ownership
• Criticality, Environment and Location Data
• Lifecycle Status (Active, Quarantine, etc.)
• Device Creation, Activation, Expiration Dates
• Security Authorization Profiles (VLAN, ACL, SGT)

Although ISE doesn't have its own CMDB, it does have the ability to integrate with other systems that do, such as IT service management (ITSM) platforms or Network Management Systems (NMS), to exchange information and maintain a more comprehensive view of the network environment.

This integration allows organizations to leverage the information stored in their CMDB alongside the Identity and Access Management data in Cisco ISE for better visibility and control over their network infrastructure.

pxGrid Direct

New in ISE 3.2 and above, pxGrid Direct is a feature in Cisco ISE that allows for real-time sharing of contextual information and security intelligence among multiple security and network platforms.

Prior to this release, ingesting endpoint data from external systems CMDB systems into ISE was only possible if pre-built integrations existed between the two systems. 

pxGrid Direct, an open integrations framework, enables the syncing of endpoint data from any external system using REST APIs or other standard methods, without requiring ISE-specific code development on the partner solution side or an intermediary device.

With pxGrid Direct, ISE is able to integrate with any external database that is able to export its database tables in a JSON format.

From there, the JSON data will be parsed out and replicated to the other ISE nodes/PSNs, at which point it will be available for use in authentication and authorization rules, as well as the ability to potentially add this data into Authorization profiles and other CMDB use-cases.

For more information on how to implement pxGrid into your environment, please reach out to the ModernCyber team for more information around our Professional Services, Deployment Evaluation, and Enablement services.