Accessing and Securing your Cisco Identity Intelligence Tenant

07/2024

Overview

This article describes several critical aspects of the Cisco Identity Intelligence security solution:

  • Understanding tenant types

  • Accessing your tenant

  • Securing access to your tenant

Tenant Types

The Oort cloud platform leverages several different tenant tiers and editions, as well as geolocations, which is not unusual for SaaS solutions. From a client perspective, the different environments do not have different development cycles or characteristics.

Oort Production Environment

The Production environment is refreshed with the latest build on a weekly cycle.

Social authentication platforms are not allowed for Production tenants. Only SSO from a client's IDP or IAM solution, such as Azure, Okta, Duo Security, etc., is allowed. For this reason, users are not required to enroll and use MFA via the Oort customer auth platform.

Accessing your Tenant from Duo Security

If your Cisco Identity Intelligence (CII) tenant has been provisioned from your Duo tenant, you can access CII from the Launch Identity Intelligence button under the Monitoring tab.

Accessing your Tenant Directly

There are several ways to access your tenant.

  1. Navigate to the following URLs, depending on your tenant location:

    US Production: https://dashboard.oort.io/

    EU Production: https://dashboard.eu.oort.io/

    Australia Production: https://dashboard.au.oort.io/

    Japan Production: https://dashboard.jp.oort.io/

  2. Click the Login button in the top right and then enter your tenant name. Then click Continue.

  3. At this point, you will be presented with the available logon options, which will include your enterprise SSO method. One or more login options for Cisco Support will also be present, but unused unless granted by the client.

  4. Select your enterprise SSO login option and continue with the login process for it. You will be redirected to the Dashboard page when complete. Note - Cisco Identity does not provide a local username and password login option.

Securing your Oort Tenant

There are several important concepts related to securing your Oort tenant.

  • Multi-factor authentication (MFA) - Cisco requires this in all tenants. It is discussed further below.

  • Session idle timeouts - Cisco has a default 15 min session idle timeout.

  • Role-based Access Controls (RBAC) - Cisco recommends RBAC be implemented in all Production tenants. Role-based access options and configuration are discussed in this article - Role-based Access (RBAC) and Reviewing Access Logs.

MFA in Production Tenants

Cisco relies solely on customer IAM platforms for customer authentication and SSO into production tenants. Cisco insists on some form of MFA for these connections, but it is the customer's responsibility to implement and enforce it via their IAM platform.

MFA enrollment with the Cisco customer authentication platform is not required for this reason.
