Cisco Blogs


Cisco Blog > Security

A Dynamic Integration: FireSIGHT and ISE

With the security landscape constantly evolving and attackers innovating at the rapid pace, it is important that we keep up with attackers.  For this reason we have based our security on imperatives like being visibility-driven and platform-based.

Organizations need total visibility of their environments for full contextual awareness, ultimately enabling better network protection, since we can’t protect what we can’t see.  The imperative of being platform-based is also important for more simplified architectures with fewer security devices that smoothly integrate with existing IT environments, capable of sharing deep contextual data.

These imperatives working in concert mean defenders can now move towards security systems that see everything and share context and intelligence for correlation to dynamically apply controls in real-time based on what is seen and learned.

These imperatives are also central to the Identity Services Engine (ISE) and its partner ecosystem powered by Platform Exchange Grid (pxGrid) to share contextual information between platforms for better visibility, mobile device compliance, cyber threat defense, threat remediation, network troubleshooting and IoT security.

The continued integration of Cisco and Sourcefire continues to show the commitment to an evolving and powerful security portfolio, based on these imperatives.  Today we unveil another integration: Cisco ISE with FireSIGHT Management Center using pxGrid.

FireSIGHT Management Center is the management console for Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances providing total, real-time network visibility and security automation.  Cisco ISE is our security policy management platform unifying and automating secure access control to enforce role-based access to networks and network resources.

Now, corporate environments with networks that contain both FireSIGHT and ISE can use them together for threat detection and quarantine.

Cisco ISE leverages pxGrid technology to integrate with FireSIGHT so it can collect identity contextual information from ISE for identity-based event logging as well as specifying quarantine actions for remediation.  Simply put, when an AMP for Endpoints malware detection appears in FireSIGHT, it dynamically instructs ISE to quarantine the infected endpoint.

With FireSIGHT and ISE working together for more dynamic controls, we drive further momentum after introducing Cisco ASA with FirePOWER Services and incorporation of Advanced Malware Protection (AMP) on Cisco content security products.

To install please visit the Cisco support community or visit our booth at Cisco Live Cancun November 3-6 for a demo.  For information on ISE, please see our recent post on the Cisco Identity Services Engine (ISE) and its expanding technology partner ecosystem.

Tags: , , , , , ,

Security: Front and Center at Cisco Live Cancun 2013

November 12, 2013 at 5:00 am PST

This year I was honored to be able to present and participate at Cisco Live Cancun, which took place last week. Many attendees from North, Central and South America and the Caribbean came to discover innovative ways that networking technologies can help them reach new markets and understand which solutions are right for their specific challenges.

Security was a hot topic this year!

Customers were able to connect with numerous experts for guidance and advice on security IT challenges that their company may be facing. Maintaining an appropriate security posture in “Bring Your Own Device” (BOYD) environments can be a challenge. This year I delivered a presentation about BYOD Security and Cisco’s TrustSec in an 8 ½ hour session titled “Bring Your Own Device – Architectures, Design and Operation” (TECRST-2020). Implementing BYOD requires a comprehensive solution that ensures the security and reliability of the network while enhancing user experience and productivity. The exponential growth of consumer devices and the need to maintain continuous connectivity to corporate and Internet resources has brought new challenges to corporate networks. Network managers struggle to provide adequate connectivity to employees while protecting corporate data. This session focused on the architecture and framework required to deploy the proper network infrastructure, security components and device management to support different endpoints, each with unique permissions into the network. A combination of lectures and live demos provided the information needed for customers to build an effective BYOD solution. The latest Cisco Validated Design guide (CVD) 2.5 for BYOD was covered highlighting different BYOD use cases, including TrustSec, converged access and the integration with Mobile Device Managers (MDM) to receive device posture information. Read More »

Tags: , , , , , , , , ,