Cisco Blogs


Cisco Blog > Security

A Dynamic Integration: FireSIGHT and ISE

With the security landscape constantly evolving and attackers innovating at the rapid pace, it is important that we keep up with attackers.  For this reason we have based our security on imperatives like being visibility-driven and platform-based.

Organizations need total visibility of their environments for full contextual awareness, ultimately enabling better network protection, since we can’t protect what we can’t see.  The imperative of being platform-based is also important for more simplified architectures with fewer security devices that smoothly integrate with existing IT environments, capable of sharing deep contextual data.

These imperatives working in concert mean defenders can now move towards security systems that see everything and share context and intelligence for correlation to dynamically apply controls in real-time based on what is seen and learned.

These imperatives are also central to the Identity Services Engine (ISE) and its partner ecosystem powered by Platform Exchange Grid (pxGrid) to share contextual information between platforms for better visibility, mobile device compliance, cyber threat defense, threat remediation, network troubleshooting and IoT security.

The continued integration of Cisco and Sourcefire continues to show the commitment to an evolving and powerful security portfolio, based on these imperatives.  Today we unveil another integration: Cisco ISE with FireSIGHT Management Center using pxGrid.

FireSIGHT Management Center is the management console for Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances providing total, real-time network visibility and security automation.  Cisco ISE is our security policy management platform unifying and automating secure access control to enforce role-based access to networks and network resources.

Now, corporate environments with networks that contain both FireSIGHT and ISE can use them together for threat detection and quarantine.

Cisco ISE leverages pxGrid technology to integrate with FireSIGHT so it can collect identity contextual information from ISE for identity-based event logging as well as specifying quarantine actions for remediation.  Simply put, when an AMP for Endpoints malware detection appears in FireSIGHT, it dynamically instructs ISE to quarantine the infected endpoint.

With FireSIGHT and ISE working together for more dynamic controls, we drive further momentum after introducing Cisco ASA with FirePOWER Services and incorporation of Advanced Malware Protection (AMP) on Cisco content security products.

To install please visit the Cisco support community or visit our booth at Cisco Live Cancun November 3-6 for a demo.  For information on ISE, please see our recent post on the Cisco Identity Services Engine (ISE) and its expanding technology partner ecosystem.

Tags: , , , , , ,

ISE and IOE

At a recent offsite, the Identity Services Engine (ISE) project team, and our InfoSec and Mobility teams spoke at length about how we will tackle the challenge of getting all Internet of Everything (IoE) devices securely on the network. Cisco IT has an aggressive schedule for the deployment of ISE capabilities in our FY15 (Fiscal Years in Cisco start on August 1 and go to the following calendar year July 30). Read More »

Tags: , , , , , ,

7 Billion Reasons Why Your Company Needs Cisco ISE

Seven billion.  That’s the number of mobile-connected devices that will be trying to get on networks this year.  Now you’re probably not going to be hosting all 7 billion of them, so let’s try this number – 4.  As in, “the average number of devices that enterprise users have” is roughly 4 devices*.  Go ahead – do the math with your own employees.  For Cisco, that’s around 250,000+ devices or so attempting to connect to our network. As a company, you may have more, you may have less…but the one thing you definitely have are employees who are eager to access your network with more of their own personal devices than ever before.

Great for employees, right?  Absolutely.  However, this, generally, gives enterprises two major dilemmas:

1)      They lack any visibility into or context around who and what is getting on the network – Is it a smartphone?  Is it a smartphone with the latest OS?  Is it a smartphone supported by the enterprise?

2)      They’ve lost the stringent control they used to have over what’s getting onto the networks.  Sure – rules are defined for users, but maybe they’re not really being enforced. Or maybe “shadow IT” is just going around the rules to get someone’s new cracked Android tablet online.

This, generally, also gives network administrators heartburn…and for good reason.  They’re stuck walking that fine line between security and productivity.  How can they secure the enterprise and network access without making life miserable for their users…and themselves?

In our experiences here at Cisco, we’ve discovered that tackling these challenges requires a few things:

1)      Find a way to accurately identify who and what is getting on the network

2)      Centrally manage user access policy and use the identity to assign everyone the right network access

3)      Make it easy for users to actually get onto the network – however they connect

4)      Keep an eye on the network for threats and then quickly neutralize those threats.

If you can find a way to do each one of those things, you’ve taken a big first step in addressing these dilemmas.

Dynamic Control with Context

At Cisco, we’re helping organizations tackle these challenges every day with the Cisco Identity Services Engine (or “ISE”).  Cisco ISE is an access policy platform that unifies and automates secure access control to network resources.

1)      Accurate Identification – Cisco ISE grabs contextual data from a wide variety of sources (e.g., Active Directories, sensors, NetFlow) across the network to offer clear visibility into every connected device. It also offers advanced profiling technology as well as a curated profiling update service to ensure that all these connected devices are accurately identified and classified.

2)      Centralized Access Policy – Cisco ISE gives enterprises the power to centrally define and manage the right types of access for users and devices. ISE can take written, granular business policy and make it real secure access policy, enforced across the network.

3)      Easy Onboarding – New simplified onboarding experiences provide intuitive user access on branded portals, without sacrificing security, for a wide variety of enterprise deployments – from guest hotspot to “BYOD” projects.

4)      Rapid Mitigation and Remediation – Cisco ISE can take all that collected contextual data and share it with integrated partner solutions. By delivering a deeper level of context, ISE makes it easier and faster to identify, mitigate, and take action to remediate non-compliant mobile devices, compromised endpoints, or other network threats.

Cisco ISE provides enterprises with greater visibility into who and what is on the network. This leads to more accurate identification, which, in turn, allows enterprises to assign the right access control to an end-user and device…easily and securely.

So, when that day comes where some of those 7 billion devices end up on YOUR network, you know you’ll be ready to tackle those challenges with Cisco ISE.

Please join us on November 5, 2014, for a live, 60-minute webcast where we’re offering a sneak peek at the newest version of Cisco ISE.  Space is limited, so register today!


*Citrix, “Workplace of the Future: a global market research report”, September 2012 http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/workplace-of-the-future-a-global-market-research-report.pdf

Tags: , , , ,

The Foundation for a Business Relevant Network

With the growing influx of new mobile devices, connected things, bandwidth intensive applications and more data, the network is more relevant to business success than ever before.  Back in June of 2012, Cisco saw that we needed to move away from multiple network systems loosely linked together to an agile and simple infrastructure, streamlined policy and centralized management would be needed to support new business demands. We called it Cisco Unified Access and we aligned the solution to three pillars: One Network, One Policy and One Management.

For the last few years, we have focused on delivering new products and functionality under this Unified Access model. Below is a timeline of products released as part of the Unified Access framework. Cisco lead the way in delivering gigabit 802.11ac Wi-Fi., converged wireless control in access switches and through the acquisition of Meraki – a complete cloud-managed network solution.

foundation

The timeline above doesn’t represent every feature and function we have delivered, but it shows Cisco’s commitment to this Unified Access model, both from a cloud-managed and on-premise solution perspective.

Today, Cisco is announcing a number of new products and new functionality to existing products that will help mobilize the workforce, secure the business and increase IT agility. The announcement includes the following: Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Leverage Those APIs

Cisco IT has always strived to improve the user experience.  It is often overlooked in some IT organizations, but Cisco IT has service managers who are held accountable for the feedback they get for their service sectors.  This focus on how we perform means we are constantly pushed to improve how users interact with the technology. Read More »

Tags: , , , , , ,