Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Cisco Pushes ‘Strength Through Integration’ in New Context and Control Platform

Cisco is revamping its security ecosystem to increase the focus on its Identity Services Engine, which would help enterprises deploy layered defenses without increasing complexity.

Cisco is revamping its security ecosystem to increase the focus on its Identity Services Engine, which would help enterprises deploy layered defenses without increasing complexity.

In the new architecture, Cisco Identity Services Engine will become the unified source of identity and device context, as well as network control for IT platforms in the enterprise, Dave Frampton, general manager of Cisco Secure Access product group, and Kevin Skahill, director of product management of Cisco Secure Access, said in a press briefing on Tuesday. In order to achieve this goal, Cisco will also integrate the ISE with various platforms from other security information and event management (SIEM) and threat defense partners.

Cisco Logo

Cisco will also roll out a context sharing framework, Platform Exchange Grid (pxGrid), within ISE to allow information sharing across multi-vendor and cross-platform networks. With this framework, IT administrators will have visibility across multiple systems via a single user interface.

“By incorporating unique real-time network and device context from ISE they now have a single source of truth all from one screen,” Frampton said.

IT departments have to manage more devices and user identities on the network than ever before, and the challenge is increased with the bring-your-own-device trend. The growing complexity of threats also means defense-in-depth is more important than ever.

The problem is that with every layer of security they add to deal with each threat, they run the risk of creating silos of information that aren’t accessible to other products.

IT departments wind up rolling out multiple products and then managing them independently–and manually–because there is no way for various security platforms to talk with each other. IT departments have to switch between multiple control panels to understand what is going on, and then figure out how to remediate the problem.

“Unit now, SIEM systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem, they can use ISE network telemetry to correlate user, device, and policy context with their traditional threat defense data sets,” Frampton said.

Advertisement. Scroll to continue reading.

The integration of ISE with other SIEM platforms using pxGrid will allow IT departments to identify new categories of possible threats on the network and target suspicious mobile devices. IT can also create analytics specific to devices, users, and groups for additional scrutiny, Frampton said.

Under Cisco’s new vision, ISE has a rich and deep contextual knowledge of all the devices connected to the network. IT can develop specific policies to handle an end-user using a specific device from a certain location to have particular access rights. If the user is on the LAN or Wi-Fi, the access rights to the applications may also change.

With pxGrid, ISE can provide contextual understanding of devices to the SIEM platform and receive instructions on how to remediate the issue, such as blocking devices or quarantining users.

To support the level of collaboration required with pxGrid, Cisco announced a series of partnerships with various SIEM vendors to form the Cisco Security Threat Defense Ecosystem. Partners include HP ArcSight, IBM, Lancope, LogRhythm, TIBCO LogLogic, Splunk, and Symantec. Mobile device management systems from IBM, Citrix, AirWatch, Good Technology, SAP, MaaS360, and MobileIron are also part of the Cisco Security Threat Defense Ecosystem.

“Through ISE, the Cisco Security Threat Defense Ecosystem provides this context, integrating with SIEM/threat defense systems to create policies and analytics based not just on network patterns, but also on type of device and class of user,” Cisco said.

The goal is to get past fragmented networks with silos of information that currently marks enterprise networks and build an integrated platform that can communicate openly between users on different networks.

CareFusion, a Cisco customer, has ISE in its labs and integrated with Lancop’e WebThreat and Cisco’s Netflow. The cyber-defense trifecta “gives CareFusion the network visibility and security context to respond to security threats much more efficiently,” said Bart Lauwers, vice-president of IT infrastructure at CareFusion. The company can now use ISE to figure out the “who/what/when/where/how associated with a potential threat,” and respond to the incident quickly, Lauwers said.

Cisco is testing pxGrid and ISE with select customers, with general availability expected during the first quarter of 2014.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.