SAN JOSE, CA--(Marketwired - Jun 13, 2013) - In a move to provide IT organizations with greater network visibility, an identity- and device-aware network, and consistent network mitigation policies for combating network threats, Cisco (
As a proof point for this integrated approach, Cisco is providing partner IT systems with a unified context and control platform they can integrate in the form of its network wide policy management platform, Identity Services Engine. ISE delivers a unified, real-time source of control for identity and endpoint devices, policy context and network access across a customer's network, expanding the intelligence the customer can use in concert with its IT infrastructure to discover, defend and remediate threats. Cisco Security Ecosystem partners that integrate with ISE increase their efficiency of operations and accelerate the ability of their IT staff to resolve network issues. The ecosystem also extends to partner products the ability to reach into the Cisco network infrastructure to execute policy actions on users and devices -- such as quarantine and blocking network access.
ISE is central to the Cisco Security Ecosystem because of its distinguishing ability to create partnership hooks in a variety of areas. It already is a focal platform for mobile device management partnerships, and Cisco today is creating the Cisco Security Threat Defense Ecosystem -- a new integration with leading SIEM (security information event management) and threat defense systems. SIEM and threat defense partners include IBM, Lancope, LogRhythm, TIBCO LogLogic, Splunk and Symantec. Cisco plans additional ISE-centered security partner ecosystems in the future to further extend identity and device awareness throughout the IT infrastructure.
Like many other network systems, SIEM and threat defense systems often have limited insight to real-time user identity or endpoint device type in their security analyses. This is critical because these are among key attributes for effectively handling things like employees bringing their own mobile devices to work. Through ISE, the Cisco Security Threat Defense Ecosystem integrates with SIEM and threat defense systems to create policies and analytics based not just on network patterns but also on type of device and class of user. The Threat Defense Ecosystem also makes security more actionable, integrating SIEM and threat defense with a central policy point instead of being another silo. This provides consistent cross-platform user/device visibility and control -- all from a single screen. Furthermore, the Threat Defense Ecosystem gives Cisco leadership in securing unified wired and wireless networks, which the company calls Unified Access, an intelligent network platform that can enable connected experiences and operational efficiencies. Unified Access is the business foundation to support the bring-your-own-device (BYOD) trend, and the Internet of Everything (IoE).
Also today, Cisco announced it is making Platform Exchange Grid (pxGrid) available for early adoption by ISE integration partners. Designed for cross-vendor adoption, ISE is the first platform to adopt pxGrid at Cisco, enabling it to share its context as well as consume context from ecosystem partners for use in network policy. An innovative approach, the pxGrid platform-independent framework enables customizable, many-to-many sharing between any third-party platforms that adopt pxGrid. Cisco will pursue standardization of pxGrid via relevant industry standards organizations in 2014.
- Broad IT Platform Integration with Cisco ISE for Context and Control: A comprehensive platform for supplying identity, device and policy context to relevant network operations and security systems, as well as consuming context from these systems for use in ISE network policy.
- Makes existing operations and security platforms more effective by enabling deeper, broader network and security insight, making a larger number of security events more actionable, and enabling consistent, cross-platform user/device visibility and control.
- Provides more granular control over users and devices, such as when employees bring their own mobile devices to work, and uses ISE as a unified network policy point.
- Enables partner systems to keep tabs on all devices, to tailor IT operations based on different types of users, and to simplify policy orchestration across systems.
- Cisco Security Threat Defense Ecosystem: A proof point of the Cisco Security Technology Partner Ecosystem that specifically enables SIEM and threat defense vendors' products for better security insight, accuracy and event action.
- ISE integration aids SIEM and Threat Defense partner systems in quickly assessing whether a security concern requires action. This decreases the time to response and helps ensure that the right action is taken on an event, such as completely blocking user/device access, quarantining it to a subset of network access or fully blocking network access. This integration is available for customer deployment in July 2013.
- pxGrid: A context information-sharing framework built within ISE that enables multivendor, cross-platform network collaboration for more effective and efficient operations across the entire IT infrastructure.
- Broadens intelligence and applies policy across the world's largest networking installed base that makes up the majority of the Internet by enabling easy sharing of context between network systems, and allowing partner systems to share context information with each other.
- Offers one interface to many systems, enables access-controlled, any-to-any sharing, and helps ensure there is a broad ecosystem to integrate with by driving pxGrid to industry standards.
- pxGrid will also integrate with the Cisco Open Network Environment (Cisco ONE), allowing partners to orchestrate network actions in response to events and conditions.
- Available for early adoption by ISE integration partners. ISE is the first platform to adopt pxGrid at Cisco, enabling it to share its context as well as consume context from ecosystem partners for use in network policy. Cisco will work with partners in advance of expected customer deployment in 2014.
- Cisco Cyber Threat Defense (CTD) Solution:
- Uses enhanced visibility and actionable insight to defend the network interior from advanced persistent threats (APTs) and other stealthy, targeted attacks that are increasingly bypassing detection conducted by traditional means.
- Combines three main components: Cisco NetFlow generated by your customer's network infrastructure; Lancope StealthWatch System to aggregate and analyze NetFlow telemetry data to detect threats and suspicious behavior; and, optionally, contextual information from ISE for user identity and endpoint device type to collectively decipher the nature and severity of the threat.
- Simplifies error-prone and expensive manual threat investigation processes.
- Uses existing Cisco switch, router and security appliance network footprint.
- Available for customer deployment today.
Bart Lauwers, vice president, IT Infrastructure, EA, & InfoSec, CareFusion
"NetFlow, ISE and Lancope together represent the cyberdefense trifecta that gives CareFusion the network visibility and security context to respond to security threats much more efficiently. We now have a single pane of glass that tells us the 'who/what/when/where/how' associated with a potential threat, which helps us prioritize the most serious events and respond to them quickly. The ability to leverage the network as a virtual sensor grid and reference ISE as an identity- and device-contextual information root for the network creates a single source of data security intelligence, compared to cumbersome management of incident response across multiple, nonintegrated endpoint solutions."
Dave Frampton, vice president and general manager, Cisco Secure Access and Mobility Product Group
"Until now, SIEM/threat defense systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem they can use ISE network telemetry to correlate user, device and policy context with their traditional threat defense data sets. In addition to identifying new categories of possible threats on the network, they can now also target suspicious mobile devices and start creating device- or user- or group-specific analytics for additional scrutiny. By incorporating unique real time network and device context from ISE, they now have a single source of truth all from one screen. This consolidation helps them sort through suspicious events faster and take focused remediation action versus having to literally look at five different screens and manually connect the dots."
- Cisco Security Blog: Identity and Device Aware IT Platforms Make Life Easier
- Cisco Security Partner Ecosystem
- Cisco Identity Services Engine Data Sheet
- Cisco Identity Services At-A-Glance
- Cisco pxGrid At-A-Glance
RSS Feed for Cisco: http://newsroom.cisco.com/rss-feeds
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.