Avatar

Chad Mitchell Cisco Tanium DoD

Co-author:

Chad Mitchel  |  DoD Technical Solutions Architect at Cisco

 

 

The U.S. Department of Defense (DoD) has long been on the forefront of technology innovation when it comes to increasing mission success. But as technology evolves, so does the cybersecurity threat landscape. This means the military’s IT leaders must be on alert 24/7.

The three keys to DoD security posture

Commercial vendors are good at handling pressure. But when it comes to supporting the DoD, it is important that they also continually seek innovation; plus support military folks as much as they can and do their best to help ensure national security. But perhaps they should first ask “what do defense agencies want from technology vendors?”

I’ve had conversations with agencies across the U.S. Department of Defense (DoD) and there are three things defense agencies really want regarding their security posture capability:

  1. To leverage security investments they already own
  2. To increase automated capabilities
  3. Get industry vendors working together to deliver solutions to protect the mission.

Not too tall of an order, right? To help address these, Cisco built an open security architecture inviting industry collaboration across the security ecosystem. More than 150 companies have joined into Cisco’s pXGrid, which is a publisher/subscriber framework where security capabilities, information, and context are exchanged. No matter the technology vendor, security solutions work together for the sake of the defense missions at hand.

For example, this exchange enables user identity and access technology to integrate with device health and posture assessments to grant policy-based network access. So a soldier with a cell phone can be granted access to certain data, pending where they are, and if their device needs an update then remediation can automatically be done. This approach saves management time on the backend and possible mission interruptions on the frontend. This is the desired end state of DoD’s long-awaited Comply-to-Connect (C2C) initiatives.

Growing our security ecosystem with Tanium

This security ecosystem is continuing to grow, and in a very exciting way. This includes a new industry integration for DoD: Cisco and Tanium. Tanium is one of the leading endpoint communications architectures used by the DoD to provide quick visibility and control across every endpoint on the network. These type of security functions are essential to any defense mission, at home or on the battlefield.

If a defense agency utilizes both Tanium and Cisco’s Identity Services Engine (ISE), ISE can interrogate a workstation to determine if the Tanium client is installed. If so, ISE can complete the 802.1X authentication process and allow the endpoint onto the network with the proper network policies applied. If ISE determines Tanium is not installed, the endpoint will be placed into a remediation process to install the client before the process starts again.

Additionally, once authorized and on the network, Tanium queries the endpoint to determine health, software release, patch, STIG compliance, vulnerability status, etc. If a policy requirement is unsatisfied, Tanium will message over pXGrid to Cisco ISE and automatically place the endpoint into a restricted access or remediation state. The two solutions are literally talking to each other making sure every device on the network has the security posture needed.

Best of all, this level of security is automatic, flexible, and based on DoD policy. The policy and actions are shared between the ISE/Tanium consoles without administrators writing code to make it happen. Comply-to-Connect – delivered.

Tried and tested, and very cool

This is just one example of how Cisco is building simple, open, orchestrated, and effective platforms leveraging current DoD investments to better secure the country.

It’s clear that the DoD needs industry vendors to work together so defense agencies can better utilize current investments and deploy more automated capabilities. As one of the leading vendors for the DoD, Cisco will continue to build the security solutions needed to protect our country.

Resource link

Learn more about Cisco pXGrid: https://www.cisco.com/c/en/us/products/security/pxgrid.html

Quick resource: Get up to speed on the DoD’s Comply-to-Connect initiative



Authors

Matt McCook

Cyber Security Regional Manager

Cisco US Public Sector Federal – Department of Defense