In one of my previous posts, I noted how Network Access Control (NAC) platforms have started evolving into more visibility-focused and context-aware platforms in the face of major business trends such as enterprise mobility, the migration of resources to the cloud, and the ubiquitous Internet of Everything. Consequently, “new NAC” technology has quietly transformed from a complicated set of controls – outdated in a more mobile world – into a powerful business enabler for enterprises.

The Cisco Visual Networking Index (VNI) forecasts that over fifty billion new connected devices will hit networks by the year 2020. With this massive proliferation of network-enabled devices firmly in mind, I am proud to announce that the latest version of the market-leading Cisco Identity Services Engine (ISE) is now available. Cisco Identity Services Engine builds upon the solid foundation of our last release to round out the current platform by focusing on expanding the ISE partner ecosystem with new, exciting categories for context-aware security as well as advancing endpoint security capabilities.

Eleven new partners have joined the ISE Ecosystem, powered by pxGrid technology. Cisco is also adding two new ecosystem technology categories, including cloud access security and network/application performance management. pxGrid is Cisco’s security context information exchange fabric included within ISE that enables security platforms to share information to drive better threat detection, mitigation and improve overall security operations.

The ISE integrated partner ecosystem continues to grow with new technology categories:

  • Cloud Access Security Brokers (CASB) – New integrations with SkyHigh Networks and Elastica enable these CASB platforms to leverage ISE contextual data to gain deeper visibility, security, and control over access to cloud resources as well as potential risks, such as data exfiltration to cloud storage services
  • Network/Application Performance Management (NPM/APM) – New integrations with Savvius and LiveAction provides their NPM and APM platforms with user/device context that provide deeper visibility into the performance and availability of both software applications and network devices to ensure optimal levels of user service – for example, by more quickly diagnosing and resolving application issues and network bottlenecks.

…and new partners to existing technology partner categories…

  • Security Information and Event Management (SIEM) & Threat Defense – ISE now integrates with FortScale and Rapid7.
  • Contextual Risk-Based Authentication and Single-Sign-On with Identity – NetIQ and SecureAuth, join Ping Identity for Identity Access Management
  • Endpoint Vulnerability Prioritization – Rapid7 Nexpose joins another category for ISE to help mitigate vulnerabilities on endpoints.
  • Enterprise Mobility Management (EMM) – JAMF, Globo, and Absolute join our leading EMM providers – including our own Cisco Meraki Systems Manager Enterprise – to help secure mobile endpoints.
  • Web Security – Cisco’s very own Web Security Appliance (WSA) now integrates with ISE to supplement its web security policy attributes with contextual data from ISE to create more granular web access policies and learn valuable end-user behavioral data for policy improvement.

In addition, Cisco Identity Services Engine 1.4 helps enterprises target endpoint security with…

  • Off-Premises EMM Onboarding – Cisco ISE 1.4 now allows mobile workers to onboard their iOS and Android mobile devices with Enterprise Mobility Management (EMM) software from outside their corporate networks. ISE 1.4 now can leverage information from EMM software, such as Cisco Meraki Systems Manager Enterprise, in order to make policy decisions on mobile devices using a Cisco AnyConnect VPN session.
  • Endpoint Posture Enhancements – With ISE 1.3, ISE was able to leverage AnyConnect for the first time as a posture agent. This release provides a number of enhancements including updated abilities for patch management software as well as the new capabilities within AnyConnect to install and launch Cisco Advanced Malware Protection for Endpoints.

If you are attending Cisco Live! San Diego from June 7th through June 11th, make sure to stop by the Cisco Security area. We will be there to chat in person about what’s new with the Cisco Identity Services Engine and how enterprises can leverage these new features and integrations to secure their network from advanced threats.


Dave D'Aprile

Sr. Product/Solutions Marketing Manager

Secure Access and Mobility Product Group