Cisco Blogs


Cisco Blog > Security

Cisco Identity Services Engine (ISE) 1.3 and Cisco AnyConnect 4.0 Are Now Available!

Cisco customers, partners, and field have been eagerly awaiting the release of the latest version of the Identity Services Engine and the AnyConnect Secure Mobility Client. Well, the wait is now over! After another highly successful limited availability program, Cisco ISE 1.3 and Cisco AnyConnect 4.0 are now available for full orderability as of Friday, November 7, 2014.

With a focus on simplifying user experiences, the latest release of Cisco ISE accelerates enterprises’ capabilities to deploy secure network access easily in just hours. For administrators deploying Guest Access or Enterprise Mobility (a.k.a. “BYOD”) or for end-users onboarding their devices, these processes are now more streamlined than ever before. Expanding secure access across the entire network is also easy with Cisoc ISE by utilizing Cisco TrustSec to enable Software-Defined Segmentation (SDS) that creates contextual segmenation policies aligned with business usage. Flexible, tiered licensing allows customers to right-size their deployments for the features they need and want. Overall, secure access policy and control is centralized and simplified in order to securely and consistently deliver vital business services, enhance infrastructure security, enforce compliance, and streamline service operations. Read More »

Tags: , , , ,

#CiscoChampion Radio S1|Ep 24 Identity Services Engine (ISE)

cisco_champions BADGE_200x200#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking about Identity Services Engine (ISE) with Cisco Program Manager (Cisco IT, Security) Greg Rasner. Lauren Friedman (@Lauren) moderates and Travis Newshott and Brandon Carroll are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Greg Rasner, @IT_ISE_MAN, Cisco Program Manager (Cisco IT, Security)

Cisco Champions
Travis Newshott, @tnewshott, Security Architect
Brandon Carroll, @brandoncarroll, President and CEO (Global Config Technology Solutions, Inc.) Read More »

Tags: , ,

Inside Cisco IT Takes You on Our Security Journey

Would you jump on a horse without consulting someone else who is at least somewhat familiar with horses?  You know, like a cowgirl or boy?

Probably not.

At least not if you’re interested in staying in the saddle versus tumbling to the never-soft earth.

While Cisco IT doesn’t have any expertise in horseback riding (I mean, you are welcome to ask me for a couple of pointers, but I’m not promising results), we DO have expertise in a variety of challenges IT departments face on a regular basis.

Like Security.

Last week, we hosted a live Inside Cisco IT Webinar on our Security Journey with two of our own Cisco IT Security Experts.  If you missed it, you should definitely give the recording a gander.

After checking out the recording, this is what you should come away with:

Security Webinar Key Takeaways

Tags: , , , , , , , ,

Access Control with Cisco TrustSec: Moving from “IP Addresses” to “Roles and Attributes”

Today’s enterprise is a highly dynamic, and hyper connected environment where IT plays a critical role in connecting the users, devices, resources and corporate IT systems. Today’s employees are also highly mobile in nature and do not necessarily have a single workspace assignment. The IT departments are constantly being challenged by the organization’s Line of Business owners to keep up with the pace of rolling out new services to address market needs, while keeping up with user expectations.

At the same time, IT departments also are responsible for ensuring business continuity and an uninterrupted service. However, the toughest challenge that any IT organization faces is implementing a security architecture which not only satisfies the compliance and industry regulatory requirements, but also provides a sufficient amount of protection against unauthorized access, data breaches, etc.

The traditional way to implement a security architecture in this kind of an environment is by implementing security rules in Firewall for traffic traversing the network’s extranet/intranet or data-center perimeters. For implementing security policies within an organizations network, Identity-Based Networking using IEEE 802.1X is generally used. Read More »

Tags: , , , , , , , , , , , ,

Cisco ISE in the lab.

My company is in the very early stages of an MDM BYOD project.  As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece.  I am about half way through my testing and I thought that I would pass on some of what I have learned so far.  I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.

ISE

ISE is an excellent NAC system but it does much more than that.  One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI.  The main reason we are interested in ISE is as the enforcement point on our wireless network.  When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal.  If the device is registered with MDM ISE will then query AD and verify the user credentials.  This is a core function of ISE and went fairly well. Read More »

Tags: , , , ,