Planes, trains, and automobiles – if it’s on your network, Cisco ISE can see it in minutes and control its access dynamically at scale.
Networks are increasingly distributed and more devices are connecting to your network every day. Research finds that 300 billion devices will be connected to the Internet by 2030, up from 50 billion in 2020. IoT devices will account for the vast majority, while traditional computing devices – smartphones, tablets, smartwatches – many of which are employee-owned, will comprise the minority.
Organizations are adding one-point solution after another to protect a dynamic environment. Meanwhile, attackers are trading on an expanding attack surface and mounting complexity to make a quick profit.
Cisco is committed to helping organizations cut through this complexity and regain the upper hand against advanced attacks with security that’s effective and simple. Cisco Identity Services Engine (ISE) 2.1 allows you to control all access throughout the network from one place, see and share rich user and device details, and stop threats from getting in or spreading.
Announcing Cisco ISE 2.1
Cisco ISE simplifies secure access, increases visibility, reduces risk, and contains threats.
A Single Source of Control for All Access Across the Network
Easy Connect. Simplify network access authorization from any endpoint – wired or wireless – whether or not the device supports 802.1x. This quick, easy, and flexible method is particularly important in wired connections where authentication using 802.1x may not be an option or easy to deploy on every device. When users disconnect they can easily reconnect with the same IP address without having to login again.
Streamlined Visibility. Quickly and easily learn about every device and user connected to your network in just a few hours. A streamlined visibility wizard provides you with everything you need to know about corporate, BYOD and guest devices in just a few clicks. A simple, flexible, and intuitive dashboard delivers detailed visibility and context – more than 50 different attributes, on up to 1.5 million endpoints – to determine policy violations and threats.
Stop Threats from Getting in and Spreading
Rapid Threat Containment. Firepower Management Center (FMC) 6.1 is now integrated with ISE 2.1 allowing you to automatically and dynamically contain and prevent threats from spreading further into the network using your existing investments. When a threat does infiltrate the network you can combine the power of advanced malware detection and enforcement with ISE 2.1 to reduce risk – stopping attackers from accomplishing their mission.
Threat-Centric NAC. As another component of the Cisco Rapid Threat Containment solution, ISE now automatically assesses the security posture of every endpoint as it connects to the network based on real-time threat scores. Quarantine or provide limited network access for endpoints based on thresholds you set. Dynamically update policy and change network privileges if an endpoint becomes non-compliant or its threat score changes. Let’s say for example an employee downloads a malicious file when off the corporate network and tries to re-enter that network. Now instead of just analyzing whether the endpoint is compliant with the necessary anti-virus and patched operating systems, ISE dynamically receives information from products like Cisco AMP that inform ISE that this endpoint has downloaded a malicious file and indicates to ISE that this endpoint should NOT be given its normal level of access. This is yet another example of how Cisco is enabling an integrated, automated security architectures.
To learn more about how ISE can simplify secure access and reduce risk for your organization, visit cisco.com/go/ise.