At the most recent RSA Conference, SC Magazine awarded Cisco Identity Services Engine (ISE) the top spot for Best NAC Solution. In the words of the award panel, “this honor goes to vendors and practitioners who make a difference… and detect, respond and recover from cyber attacks.”[1]

Network Access Control (NAC) solutions have been around for some time and secure access has never been more important. The number of connected devices is exploding, IoT has certainly hit its stride, BYOD is here to stay, and accessing your work from anywhere is now an expectation. Visibility into all of these endpoints and devices is critical so they are managed and protected properly. That’s where ISE shines.

Among those attributes that made ISE stand out, SC Magazine recognized that Cisco ISE

  • Simplifies the complexity of secure network access.
  • Provides visibility into the users and devices accessing your network and the control to help ensure that only the right people from the right devices get the correct access to the enterprise services.
  • Controls all access throughout the network from one place, simplifying access delivery across wired, wireless, and VPN connections.
  • Provides, as a controller for Cisco TrustSec, a simple and scalable way to manage segmentation across the network.
  • Stops and contains threats by dynamically controlling network segmentation.

Earning this award is no small feat. Finalists and winners are chosen by two panels of judges comprised of a range of current and former CISOs, vendor-neutral consultants, analysts and educators from academic institutions.[2] I like to think of the SC Awards as the People’s Choice Awards for cybersecurity, which speaks all the more to ISE’s dominance in the Best NAC Solution award category.

It’s important to note two important points that make ISE standout:

  1. ISE is way more than NAC, a term that traditionally refers to the means to implement policies for controlling device and user access to corporate networks[3]. Not only does ISE meet these criteria at unmatched scale, but it also provides deep user and device details that can be shared with other Cisco and 3rd-party technologies. This sharing is bi-directional, allowing ISE to receive threat intelligence and alerts for rapid threat containment. ISE takes policy enforcement to a whole new level with TrustSec and its software-defined approach to segmentation that provides role-based access to scale at the pace of your business. It’s for all these reasons that we’re more inclined to call ISE a “next-gen NAC” solution.

  1. The amount of innovation that’s occurred in ISE within the past two years is staggering and aligned with Cisco’s quest for effective security that is simple, open and automated. Everything from supporting TACACS+ for device administration to a complete redesign of the user interface. We’re even making the deployment of 802.1x, BYOD, and Guest on Cisco Wireless LAN Controllers a simple, straightforward process that can take less than 5 minutes. And we have no plans to stop, with version 2.3 planned for release later in 2017.

Learn more about ISE at www.cisco.com/go/ise .

[1] https://media.scmagazine.com/documents/286/botn2017_71287.pdf

[2] https://www.scmagazine.com/awards/

[3] 2016 Gartner Market Guide for Network Access Control


Dan Stotts

Product Marketing Manager

Security Product Marketing organization