
at_a_glance_c45-728402


© 2013 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

At-A-Glance

Overview

Increased complexity in network environments has driven the need for a consistent approach to integrating user identity and device information across a variety of IT operations and network platforms. With the advent of mobility, “bring your own device” (BYOD) policies, software as a service (SaaS), virtualization, and complex cyber threats, it has become necessary to integrate identity and device information into many aspects of network policy and operations to ensure effective network control and oversight. This integration ranges from endpoint management to security analysis.

Integrating technology partner platforms with Cisco® Identity Services Engine (ISE) enables IT organizations to apply consistent methods to make their platforms identity-, device-, and policy-aware. ISE provides accurate, real-time identity, device, posture, and network access policy context across many ecosystem partner platforms, enabling them to address more use cases and undertake their functions more effectively. Integration with ISE also allows partner platforms to use the Cisco network infrastructure to execute network actions on users and devices, such as quarantine and blocking access. These identity- and device-aware visibility and network response capabilities increase efficiency of operations and help expedite network event resolution.

Highlights and Components

The Cisco ISE Ecosystem is composed of Cisco ISE with an Advanced Feature License and a platform from one of our integration partners, including the following ecosystem solutions:

• Mobile device management (MDM): Integration between Cisco ISE and MDM partner platforms enables posture compliance assessment and network access control of mobile endpoints attempting to access the network. The solution performs ongoing posture checks to ensure compliance and that the correct network access level is maintained.

• Security event and information management and threat defense (SIEM/TD): Integration with Cisco ISE enables SIEM/TD partner platforms to supplement their networkwide security event visibility with information about user identity, network authorization levels, endpoint device identification, and security posture. This provides a composite, “single pane of glass” view of a security event from the SIEM/TD partner console. Partners are also able to take remediation actions via ISE; the solution provides complete visibility, contextual assessment, and remediation capabilities from the partner platform.

ISE Ecosystem partner integration is accomplished by ISE sharing its user, device, and policy context with the partner; by the partner sharing its context with ISE for use in network access policy; or both. ISE network response capabilities may be extended to the partner platform for executing network actions (Figure 1).

Figure 1. ISE Ecosystem Integration Points

[Figure 1 labels: Ecosystem Partner Context → ISE; ISE Context → Ecosystem Partner. Callouts: Extend the reach of partner platforms into network access; Integrate with centralized policy; Make partner platforms more effective with identity and policy enablement; Make events actionable; Decrease time to response.]

Common Use Cases

• Decrease time to event classification – Utilize ISE user, device type, access level, and posture information to answer common questions needed to expedite the classification of and response to a network event.

• Analyze mobile- and device-aware systems – Utilize ISE device-type information to create analytics and policies specific to mobile devices. This helps enable a systemwide view of the mobility environment.

• Differentiate privileges of users and groups – Utilize ISE user information to enable oversight for specific users or groups, such as populations with access to highly sensitive data or less trusted populations (guests, for example).

C45-728402-00 06/13

• Identify devices with security posture failures – Utilize ISE endpoint posture information to identify and differentiate endpoints that have a noncompliant posture status. These devices typically represent a higher security risk on the network.

• Utilize ISE as a unified network access policy point – Ease operations with a central policy point instead of numerous individual policy silos across the IT infrastructure. ISE ecosystem partner platforms can provide context to ISE, which can then be applied across the many attributes ISE uses to formulate network access policy.

Benefits

• Increased effectiveness of existing operations and security platforms through identity and device awareness

• Extend the reach of existing operations and security platforms into network access policy by integrating with ISE network policies

• Decreased time to identify, assess, and respond to network events

• IT platforms aligned to a consistent source of user, device, policy visibility, and network control

For More Information

Refer to the individual ISE Ecosystem At-a-Glance documents for detailed information regarding each Cisco ISE Ecosystem partner. Detailed information regarding specific partners is available on the Cisco Developer Network Marketplace at http://marketplace.cisco.com/catalog.