🔐Accessing and Securing your Cisco Identity Intelligence Tenant

Overview

This article describes several critical aspects of the Cisco Identity Intelligence security solution -

• Understanding tenant types

• Accessing your tenant

• Securing access to your tenant

Tenant Types

The Oort cloud platform leverages several different tenant tiers and editions, as well as geolocations, which is not unusual for SaaS solutions. From an client perspective, the different environments do not have different development cycles or characteristics.

Oort Production Environment

The Production environment is refreshed with the latest build on a weekly cycle.

Social authentication platforms are not allowed for Production tenants. Only SSO from a clients IDP or IAM solution, such as Azure, Okta, Duo Security SSO, etc., is allowed. For this reason, users are not required to enroll and use MFA via the Oort customer auth platform.

Accessing your Tenant from Duo Security

If your Cisco Identity Intelligence (or CII), has been provisioned from your Duo tenant, then you can access CII from the Launch Identity Intelligence button under the Monitoring tab.

Creating a Bookmark or Shortcut for Direct Tenant Access

For Duo Security customers, to create a direct URL bookmark in Duo Central or another IDP or SSO platform for users to launch the CII console, simply right click the Launch button shown above and copy the URL to the clipboard.

This URL will have both the tenant name ("slug") and the SSO connection name for your tenant appended to it. It will take users directly to your SSO and into the CII tenant after authentication.

If you are not a Duo Security customer with an integrated Cisco Identity tenant, you can copy a share link from one of many locations in the console, such as the Dashboard page. This will be of the form (note the base URL is geo deployment zone specific, see below for the list):

https://dashboard.oort.io/go?slug=tenantname

Use this as your bookmark. Users will need to select your SSO login button and then authenticate.

Accessing your Tenant Directly

There are several ways to access your tenant.

1. Navigate to the following URLs, depending on your tenant location:

   US Production: https://dashboard.oort.io/

   EU Production: https://dashboard.eu.oort.io/ Australia Production: https://dashboard.au.oort.io/ Japan Production: https://dashboard.jp.oort.io/ United Kingdom: https://dashboard.uk.oort.io/

2. Click the Login button in the top right and then enter your tenant name. Then click Continue.
3. At this point, you will be presented with the available logon options, which will include your enterprise SSO method. One or more login options for Cisco Support will also be present, but unused unless granted by the client.
4. Select your enterprise SSO login option and continue with the login process for it. You will be redirected to the Dashboard page when complete. Note - Cisco Identity does not provide a local username and password login option.

Securing your Oort Tenant

There are several important concepts related to securing your Oort tenant.

• Multi-factor authentication (MFA) - Cisco requires this in all tenants. It is discussed further below.

• Session idle timeouts - Cisco has a default 15 min session idle timeout.

• Role-based Access Controls (RBAC) - Cisco recommends RBAC be implemented in all Production tenants. Role-based access options and configuration is discussed in this article - Role-based Access (RBAC) and Reviewing Access Logs.

MFA in Production Tenants

Cisco relies solely on customer IAM platforms for customer authentication and SSO into production tenants. Cisco insists on some form of MFA for these connections, but it is the customer's responsibility to implement and enforce it via their IAM platform.

MFA enrollment with the Cisco customer authentication platform is not required for this reason.