Heart of Cisco Security is ISE.
How do you identify the user when they log into the network? Traditionally this is a username and password combination but can easily be undermined by someone having knowledge of those credentials via theft.
Other factors can be used to determine whether a login is legitimate – for example, location, time of day etc. This is anomaly detection – i.e. unusual behaviour.
What – what device is being used to access the network
When – what time are you trying to access?
Where – where are you trying to log on and what are you trying to access?
Health – is the device being used healthy or at risk of Malware/AV?
ISE – Integrated Security Engine
Provides visibility into what’s happening on clients and solves the problems listed above.
Provides segmentation – issues Scalable Group Tags (SGT) which is part of Cisco TrustSec
Stops Threats – can isolate a host if viruses have been detected or definitions are out of date. ISE has the ability to hook into third party applications via pxGrid and provide/receive information.
