Cisco Blogs

Cisco Blog > Perspectives

#CiscoChampion Radio S1|Ep 24 Identity Services Engine (ISE)

cisco_champions BADGE_200x200#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking about Identity Services Engine (ISE) with Cisco Program Manager (Cisco IT, Security) Greg Rasner. Lauren Friedman (@Lauren) moderates and Travis Newshott and Brandon Carroll are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Greg Rasner, @IT_ISE_MAN, Cisco Program Manager (Cisco IT, Security)

Cisco Champions
Travis Newshott, @tnewshott, Security Architect
Brandon Carroll, @brandoncarroll, President and CEO (Global Config Technology Solutions, Inc.) Read More »

Tags: , ,

Inside Cisco IT Takes You on Our Security Journey

Would you jump on a horse without consulting someone else who is at least somewhat familiar with horses?  You know, like a cowgirl or boy?

Probably not.

At least not if you’re interested in staying in the saddle versus tumbling to the never-soft earth.

While Cisco IT doesn’t have any expertise in horseback riding (I mean, you are welcome to ask me for a couple of pointers, but I’m not promising results), we DO have expertise in a variety of challenges IT departments face on a regular basis.

Like Security.

Last week, we hosted a live Inside Cisco IT Webinar on our Security Journey with two of our own Cisco IT Security Experts.  If you missed it, you should definitely give the recording a gander.

After checking out the recording, this is what you should come away with:

Security Webinar Key Takeaways

Tags: , , , , , , , ,

Access Control with Cisco TrustSec: Moving from “IP Addresses” to “Roles and Attributes”

Today’s enterprise is a highly dynamic, and hyper connected environment where IT plays a critical role in connecting the users, devices, resources and corporate IT systems. Today’s employees are also highly mobile in nature and do not necessarily have a single workspace assignment. The IT departments are constantly being challenged by the organization’s Line of Business owners to keep up with the pace of rolling out new services to address market needs, while keeping up with user expectations.

At the same time, IT departments also are responsible for ensuring business continuity and an uninterrupted service. However, the toughest challenge that any IT organization faces is implementing a security architecture which not only satisfies the compliance and industry regulatory requirements, but also provides a sufficient amount of protection against unauthorized access, data breaches, etc.

The traditional way to implement a security architecture in this kind of an environment is by implementing security rules in Firewall for traffic traversing the network’s extranet/intranet or data-center perimeters. For implementing security policies within an organizations network, Identity-Based Networking using IEEE 802.1X is generally used. Read More »

Tags: , , , , , , , , , , , ,

Cisco ISE in the lab.

My company is in the very early stages of an MDM BYOD project.  As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece.  I am about half way through my testing and I thought that I would pass on some of what I have learned so far.  I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.


ISE is an excellent NAC system but it does much more than that.  One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI.  The main reason we are interested in ISE is as the enforcement point on our wireless network.  When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal.  If the device is registered with MDM ISE will then query AD and verify the user credentials.  This is a core function of ISE and went fairly well. Read More »

Tags: , , , ,

Consider Mobile Work Patterns and Security Impact

Mobility and application access capabilities have encouraged many of today’s work patterns. Some work behaviors were recently noted in a Cisco-commissioned research report on mobility and BYOD comparing IT and end user viewpoints. Striking about the findings is that day-to-day business activities were relatively balanced on wired and wireless connections—so while mobility is here and growing, usage is no more than wired. Core to the findings were end users’ view that mobile devices are 37% less effective than their corporate laptop for conducting business activities. From an IT perspective, managing devices and multiple policies in a wired and wireless environment was a key challenge. Mobile device usage behaviors surveyed suggested a personal and social flair. The predominant applications used on mobile devices are not specific business applications (22%) but collaborative applications (56%). The report also indicates that mobile devices are used for personal use more frequently than IT estimates.  Read More »

Tags: , , , ,