Mark Twain once wrote, “Everybody complains about the weather, but nobody ever does anything about it.” Security policy is a lot like that. Creating a security policy is at the top of the list for anyone looking to really secure their network. But the devil is in the details.
Among the things a security policy needs to cover are:
All users
All physical and virtual devices
All access methods
All resource classifications and locations
All compliance requirements
All of the OSI layers, from the physical layer up the stack to the application layer
AND the policy needs to be applied uniformly across the entire distributed enterprise
The Cisco Identity Services Engine continues the relentless march on both policy definition and the all-important, yet difficult to deliver -- policy enforcement. This is a first generation product with a multi-generational pedigree granting it a maturity worth considering for many networks. We created another one of our fundamental’s explanations for this one humbly think it does a good job of explaining both what the ISE is for and what you should be able to get out of it.
Couple of great places for more information of course.
“HUNDREDS of millions of Indians cannot prove they exist. They have no birth certificate, no driving licence, no social-security number. So they find it hard to open a bank account, borrow money or draw on government services.”
