Gain awareness of everything hitting your network. Provide access consistently and efficiently. Relieve the stress of complex access management. ISE supports AAA, 802.1X, guest, BYOD, Cisco pxGrid™, and mobile device […]
Security Services And Solutions—Cisco ISE Identity Services Engine
Gain awareness of everything hitting your network. Provide access consistently and efficiently. Relieve the stress of complex access management. ISE supports AAA, 802.1X, guest, BYOD, Cisco pxGrid™, and mobile device management. Cisco Identity Services Engine™ (ISE™) can scale to up to 500,000 endpoints per deployment. Cisco™ physical appliances are based on the Cisco UCS C220™ server and get configured to support Cisco ISE™ or choose a VM. Simplify access across wired, wireless, and VPN connections. Policies are cascaded across all types of access points and enforced by Cisco TrustSec™ software defined segmentation. Cisco ISE™ simplifies the delivery of consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections. With far—reaching, intelligent sensor and profiling capabilities, Cisco ISE™ can reach deep into the network to deliver superior visibility into who and what are accessing resources. It can share vital contextual data with technology partner integrations. And it can implement Cisco TrustSec™ policy for software—defined segmentation. Cisco™ security technologies — with the Cisco Firepower Management Center™ and Cisco Stealthwatch™ behavior analysis, you can share security intelligence. You can also request threat containments through Cisco ISE™.
In addition, you can protect critical data through the solution’s Cisco Threat—Centric NAC™ feature. Dynamically change your users’ access privileges when their threat or vulnerability scores go up. Stop a threat immediately by directing Cisco ISE™ to contain the device. Automate your responses so you don’t have to spend time on threats that are clearly identified. Change users’ access privileges before or after they get on the network, based on their threat score. If a device starts to act suspiciously, you can automatically deny it access to critical resources such as finance or patient records while allowing access to noncritical resources. You can use the standard expressions of the Structured Threat Information Expression™ (STIX) for threats and the Common Vulnerability Scoring System™ (CVSS) for vulnerabilities to help ensure consistent categorization and responses. Qualys™ is integrated with Cisco pxGrid™ for vulnerabilities and Cisco AMP™ for threats. Integration—Cisco Platform Exchange Grid™ (pxGrid) provides an open, secure system for security technologies to exchange intelligence, obtain information from Cisco ISE™, and direct Cisco ISE™ to contain threats. Stop attacks faster—stop a threat immediately by directing Cisco ISE™ to contain the device. Automate your responses so you don’t have to spend time on threats that are clearly identified.
Share Rich User And Device Details
Users and devices are shown in a simple, flexible interface. Cisco ISE™ shares details through the Cisco Platform Exchange Grid™ (pxGrid) with partner platforms to make them user, device, and network aware. Cisco pxGrid’s™ unified framework makes collaboration possible across systems in multivendor, cross—platform networks. Today’s IT infrastructure requires numerous tools and platforms to keep a network and its connected devices secure and operating smoothly. The frequent result; “silos” of information that isn’t shared. The industry has historically used APIs to share information between platforms. Cisco pxGrid™, with its unified framework, effectively addresses this issue. Our ecosystem partners need to integrate their technologies with Cisco pxGrid™ only once. They can then share context bidirectionally with many platforms without the need to adopt platform—specific APIs. Reduce risks and contain threats by dynamically controlling network access. Cisco ISE™ can assess vulnerabilities and apply threat intelligence. It can also contain a suspicious device for remediation.
Stop And Contain Threats
Reduce risks and contain threats by dynamically controlling network access. Cisco ISE™ can assess vulnerabilities and apply threat intelligence. It can also contain a suspicious device for remediation. We call this Cisco Rapid Threat Containment™. Get answers fast about threats on your network and stop them even faster. Cisco Rapid Threat Containment™ uses an open integration of Cisco’s™ security products, technologies from Cisco security partners, and the network control of the Cisco Identity Services Engine™ (ISE). In addition, you can protect critical data through the solution’s Cisco Threat—Centric NAC™ feature; Dynamically change your users’ access privileges when their threat or vulnerability scores group. Cisco ISE™ transforms the network from a simple conduit for data into a security enforcer that accelerates the time to detection and time to resolution of threats. The Cisco pxGrid™ (Platform Exchange Grid) is an open, scalable, and IETF standards—driven data—sharing and threat control platform. Now your multiple security products can work together. With Cisco pxGrid™, security operations teams can also automate to get answers and contain threats faster.
Cisco ISE Deployment
Choose a machine — Cisco ISE™physical appliances are based on the Cisco UCS C220™ server and get configured to support Cisco ISE™, Or choose a virtual machine. Choose your use case—Cisco ISE™supports AAA, 802.1X, guest, BYOD, Cisco pxGrid™, and mobile device management. And more. How many endpoints?—Cisco ISE™can scale to up to 500,000 endpoints per deployment. The best in the industry. Get answers fast about threats on your network and stop them even faster. Cisco Rapid Threat Containment™ uses an open integration of Cisco™’s security products, technologies from Cisco™ security partners, and the network control of the Cisco Identity Services Engine™ (ISE). Intelligence—Cisco™ partners who integrate their technologies with Cisco pxGrid’s Rapid Threat Containment™ capability can share their data and use Cisco ISE™ to control network access to threatening devices. Protect critical data faster—change users’ access privileges before or after they get on the network, based on their threat score. If a device starts to act suspiciously, you can automatically deny it access to critical resources such as finance or patient records while allowing access to noncritical resources.
Features And Benefits
Simplify access across wired, wireless, and VPN connections. Policies are cascaded across all types of access points and enforced by Cisco TrustSec™ software—defined segmentation. The redesigned ISE 2.1 further simplifies the delivery of consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections. With far—reaching, intelligent sensor and profiling capabilities, Cisco ISE™ can reach deep into the network to deliver superior visibility into who and what is accessing resources. Through the sharing of vital contextual data with technology partner integrations and the implementation of Cisco TrustSec™ policy for software defined segmentation, Cisco ISE™ transforms the network from simply a conduit for data into a security enforcer that accelerates the time to detection and time to resolution of network threats. Context and control—the Cisco ISE™ provides contextual identity data (user, device type, and posture). It contains threats by using the network as an enforcer with VLANs or Cisco TrustSec™ security groups. Get answers faster—organize relevant threat information on one platform instead of having to conduct lengthy investigations, traversing from system to system.
You must be logged in to post a comment.