Cisco customers, partners, and field have been eagerly awaiting the release of the latest version of the Identity Services Engine and the AnyConnect Secure Mobility Client. Well, the wait is now over! After another highly successful limited availability program, Cisco ISE 1.3 and Cisco AnyConnect 4.0 are now available for full orderability as of Friday, November 7, 2014.

With a focus on simplifying user experiences, the latest release of Cisco ISE accelerates enterprises’ capabilities to deploy secure network access easily in just hours. For administrators deploying Guest Access or Enterprise Mobility (a.k.a. “BYOD”) or for end-users onboarding their devices, these processes are now more streamlined than ever before. Expanding secure access across the entire network is also easy with Cisoc ISE by utilizing Cisco TrustSec to enable Software-Defined Segmentation (SDS) that creates contextual segmenation policies aligned with business usage. Flexible, tiered licensing allows customers to right-size their deployments for the features they need and want. Overall, secure access policy and control is centralized and simplified in order to securely and consistently deliver vital business services, enhance infrastructure security, enforce compliance, and streamline service operations.

Cisco ISE 1.3 is our biggest release yet and boasts a number of new and newly-redesigned features:

  • Simplified and newly-redesigned Guest Experiences for easier guest onboarding and administration. Create highly-customizable, branded mobile and desktop guest portals in minutes with dynamic visual workflows and manage every aspect of guest access easily from ISE.
  • Streamlined BYOD and Enterprise Mobility, courtesy of easy, out-of-the-box setup, self-service device onboarding and management, an all-new internal certificate authority, new multi-forest Active Directory support, and integrated enterprise mobility management (EMM) partner software – now including Cisco Meraki Systems Manager in ISE 1.3!
  • Cisco Platform Exchange Grid (pxGrid) to share deep contextual data from ISE to third-party ecosystem partners. Collected contextual data from ISE is shared, via Cisco pxGrid, to external and internal ecosystem partner solutions to improve the efficacy of their own solutions and accelerate these solutions’ abilities to identify, mitigate, and remediate network threats.
  • An expanded, broad ecosystem of integrated partners that leverages ISE contextual data in order to improve the efficacy of their own solutions. For example, with ISE, integrated partner solutions can more rapidly remediate threats; streamline network forensics and endpoint vulnerability remediation; provide adaptive single-sign-on to identity-federated devices; and even extend secure access to SCADA/control networks – all based on context and identity received from Cisco ISE.
  • Greater visibility and more accurate device identification, courtesy of ISE’s advanced device profiling and device profile feed service, which reduces the number of unknown endpoints (and potential threats) on networks by 74%, on average.
  • Centralized, unified secure access control that streamlines network access policy for end-users regardless of how they connect to your networks (e.g., via wired, wireless, and VPN)
  • Software-defined network segmentation, based on business rules, that leverages Cisco TrustSec technology to create role-based access policy to dynamically segment access without the complexity of multiple VLANs or changing network architecture.

Cisco AnyConnect Secure Mobility Client 4.0 offers a major upgrade to the 100 million plus users globally.

This release pairs new flexible licensing to accommodate enterprises’ increasingly mobile environments with dynamic new features:

  • AnyConnect 4.0 Unified Agent for Cisco ISE 1.3 – Combines traditional VPN and security services with the posture and endpoint remediation agent capabilities in a new, single Unified Agent for ISE 1.3 users
  • Per-App VPN for mobile devices – Improves VPN bandwidth management in place of using multiple parallel VPN agents and offers greater control to enterprises to manage application access to sensitive business network resources
  • Support for Cisco TrustSec Security Group Tags (SGTs) – Leverages the Cisco ASA to enforce Cisco TrustSec SGTs to provide end-to-end application traffic segmentation
  • Extends traditional VPN edge to mobile – Prevent non-business apps from gaining corporate access to sensitive resources.

Visit www.cisco.com/go/ise and www.cisco.com/go/anyconnect for more information, including updated datasheets, At-a-Glances, and whitepapers. Cisco internal should visit the Selling Security IWE page for Secure Access and Mobility, and ATP partners can visit the ATP Partner site or the Security Community on Cisco.com.


Dave D'Aprile

Sr. Product/Solutions Marketing Manager

Secure Access and Mobility Product Group