
Cisco Pushes ‘Strength Through Integration’ in New Context and Control Platform

Cisco is revamping its security ecosystem to increase the focus on its Identity Services Engine, which would help enterprises deploy layered defenses without increasing complexity.

In the new architecture, Cisco Identity Services Engine will become the unified source of identity and device context, as well as network control for IT platforms in the enterprise, Dave Frampton, general manager of Cisco Secure Access product group, and Kevin Skahill, director of product management of Cisco Secure Access, said in a press briefing on Tuesday. In order to achieve this goal, Cisco will also integrate the ISE with various platforms from other security information and event management (SIEM) and threat defense partners.

Cisco will also roll out a context sharing framework, Platform Exchange Grid (pxGrid), within ISE to allow information sharing across multi-vendor and cross-platform networks. With this framework, IT administrators will have visibility across multiple systems via a single user interface.

“By incorporating unique real-time network and device context from ISE they now have a single source of truth all from one screen,” Frampton said.

IT departments have to manage more devices and user identities on the network than ever before, and the challenge is increased with the bring-your-own-device trend. The growing complexity of threats also means defense-in-depth is more important than ever.

The problem is that with every layer of security IT departments add to deal with each threat, they run the risk of creating silos of information that aren’t accessible to other products.

IT departments wind up rolling out multiple products and then managing them independently–and manually–because there is no way for various security platforms to talk with each other. IT departments have to switch between multiple control panels to understand what is going on, and then figure out how to remediate the problem.

“Until now, SIEM systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem, they can use ISE network telemetry to correlate user, device, and policy context with their traditional threat defense data sets,” Frampton said.

The integration of ISE with other SIEM platforms using pxGrid will allow IT departments to identify new categories of possible threats on the network and target suspicious mobile devices. IT can also create analytics specific to devices, users, and groups for additional scrutiny, Frampton said.

Under Cisco’s new vision, ISE has a rich and deep contextual knowledge of all the devices connected to the network. IT can develop specific policies that give an end user on a specific device at a certain location particular access rights. Access rights to applications may also change depending on whether the user is on the LAN or Wi-Fi.

With pxGrid, ISE can provide contextual understanding of devices to the SIEM platform and receive instructions on how to remediate the issue, such as blocking devices or quarantining users.

To support the level of collaboration required with pxGrid, Cisco announced a series of partnerships with various SIEM vendors to form the Cisco Security Threat Defense Ecosystem. Partners include HP ArcSight, IBM, Lancope, LogRhythm, TIBCO LogLogic, Splunk, and Symantec. Mobile device management systems from IBM, Citrix, AirWatch, Good Technology, SAP, MaaS360, and MobileIron are also part of the Cisco Security Threat Defense Ecosystem.

“Through ISE, the Cisco Security Threat Defense Ecosystem provides this context, integrating with SIEM/threat defense systems to create policies and analytics based not just on network patterns, but also on type of device and class of user,” Cisco said.

The goal is to get past the fragmented networks and silos of information that currently mark enterprise networks and build an integrated platform that can communicate openly between users on different networks.

CareFusion, a Cisco customer, has ISE in its labs and integrated with Lancope’s WebThreat and Cisco’s NetFlow. The cyber-defense trifecta “gives CareFusion the network visibility and security context to respond to security threats much more efficiently,” said Bart Lauwers, vice-president of IT infrastructure at CareFusion. The company can now use ISE to figure out the “who/what/when/where/how associated with a potential threat,” and respond to the incident quickly, Lauwers said.

Cisco is testing pxGrid and ISE with select customers, with general availability expected during the first quarter of 2014.
