In the past few years a number of paradigm shifts have made policy-based networking essential to effective enterprise IT management. Some of these shifts include an increased reliance on virtualization and the cloud; the “consumerization” of business networks that has occurred with the popularity of devices such as tablets and smartphones; and the rapid adoption of video in business communications. By applying appropriate policies within the network, IT managers can do a better job of meeting users’ expectations and become business enablers.
We believe our message of One Policy, One Management and One Network has been recognized in the recent Gartner 2012 Wired and Wireless LAN Infrastructure Magic Quadrant, where Cisco has been positioned as a leader.
Foundational to Cisco’s One Policy strategy is the Cisco Identity Services Engine (ISE), which enables organizations to create and deploy unified policy to address the need for BYOD compliance. ISE enables one consistent policy across the entire enterprise, as well as enforcement by correlating a unique combination of contextual information including user, device, location and time.
To be clear, one policy doesn’t mean you set a single policy for all users or all devices. It means you establish the ability to administer policy in a common fashion with a device/user/application context regardless of access method. The ability to enforce policy at a granular level – even setting different policies for a single user depending on what device they’re using or where they’re connecting – helps you correctly prioritize traffic and ensure a rich quality of experience without creating a huge IT headache.
By deploying the Cisco ISE platform to enforce secure access policies , IT organizations will be able to accomplish business goals by enforcing identity-and context-aware policies and such as:
- Give authorized users access to sensitive data when they are in certain locations or using specific devices, while restricting access from other locations or from other devices.
- Increase employees’ productivity when they travel between cities by providing appropriate access to virtual desktops in the company data center. .
- Block employee access to non-business social networking sites during business hours, and block contractor access to such sites at all times.
ISE implements one central policy anywhere and everywhere – from switches to wireless LAN controllers, from routers to firewalls, from remote access to the data center. Your network becomes inherently more secure with this policy consistency and distributed enforcement capabilities. Stay tuned to this blog as we get ready to release ISE 1.1MR with bright spanking new features and help you through this journey of implementing a policy governed network.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose