SDA Services – Network Security

Heart of Cisco Security is ISE.

How do you identify the user when they log into the network? Traditionally this is a username and password combination but can easily be undermined by someone having knowledge of those credentials via theft.

Other factors can be used to determine whether a login is legitimate – for example, location, time of day etc. This is anomaly detection – i.e. unusual behaviour.

What – what device is being used to access the network
When – what time are you trying to access?
Where – where are you trying to log on and what are you trying to access?
Health – is the device being used healthy or at risk of Malware/AV?

ISE – Integrated Security Engine

Provides visibility into what’s happening on clients and solves the problems listed above.
Provides segmentation – issues Scalable Group Tags (SGT) which is part of Cisco TrustSec
Stops Threats – can isolate a host if viruses have been detected or definitions are out of date. ISE has the ability to hook into third party applications via pxGrid and provide/receive information.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.