LDAP Configuration in Cisco Secure Workload (Cisco Tetration)

Cisco Secure Workload (Cisco Tetration) Analytics provides application behavior-based policy lifecycle management for the Cisco Tetration Platform to help address critical data center operational use cases.

To address these use cases, Cisco Tetration Analytics gives the administrator complete, real-time visibility into traffic flows across the data center.

Fig 1.1 - Cisco Secure Workload with LDAP

Cisco Secure Workload (Cisco Tetration) authentication can be handed off to Lightweight Directory Access Protocol (LDAP). Once this is enabled, all users signing in will authenticate through the chosen mechanism.

It is important to establish that the LDAP connection is configured correctly, especially if no users are on the ‘Use Local Authentication’ option, because every sign-in then depends on that connection working.

Note: Micro-segmentation policies can be extended to include users, user groups, etc. through integration with an LDAP server (up to six LDAP attributes).

The recommended approach is to have at least one locally authenticated user with Site Admin credentials by turning on the ‘Use Local Authentication’ option. 

This user can make sure that the LDAP configuration is set up correctly. Once the connection is successfully set up, this user can also be transitioned to external authentication by unchecking the ‘Use Local Authentication’ option in the user edit flow.