Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Cisco Pushes ‘Strength Through Integration’ in New Context and Control Platform

Cisco is revamping its security ecosystem to increase the focus on its Identity Services Engine, which would help enterprises deploy layered defenses without increasing complexity.

Cisco is revamping its security ecosystem to increase the focus on its Identity Services Engine, which would help enterprises deploy layered defenses without increasing complexity.

In the new architecture, Cisco Identity Services Engine will become the unified source of identity and device context, as well as network control for IT platforms in the enterprise, Dave Frampton, general manager of Cisco Secure Access product group, and Kevin Skahill, director of product management of Cisco Secure Access, said in a press briefing on Tuesday. In order to achieve this goal, Cisco will also integrate the ISE with various platforms from other security information and event management (SIEM) and threat defense partners.

Cisco Logo

Cisco will also roll out a context sharing framework, Platform Exchange Grid (pxGrid), within ISE to allow information sharing across multi-vendor and cross-platform networks. With this framework, IT administrators will have visibility across multiple systems via a single user interface.

“By incorporating unique real-time network and device context from ISE they now have a single source of truth all from one screen,” Frampton said.

IT departments have to manage more devices and user identities on the network than ever before, and the challenge is increased with the bring-your-own-device trend. The growing complexity of threats also means defense-in-depth is more important than ever.

The problem is that with every layer of security they add to deal with each threat, they run the risk of creating silos of information that aren’t accessible to other products.

IT departments wind up rolling out multiple products and then managing them independently–and manually–because there is no way for various security platforms to talk with each other. IT departments have to switch between multiple control panels to understand what is going on, and then figure out how to remediate the problem.

“Unit now, SIEM systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem, they can use ISE network telemetry to correlate user, device, and policy context with their traditional threat defense data sets,” Frampton said.

Advertisement. Scroll to continue reading.

The integration of ISE with other SIEM platforms using pxGrid will allow IT departments to identify new categories of possible threats on the network and target suspicious mobile devices. IT can also create analytics specific to devices, users, and groups for additional scrutiny, Frampton said.

Under Cisco’s new vision, ISE has a rich and deep contextual knowledge of all the devices connected to the network. IT can develop specific policies to handle an end-user using a specific device from a certain location to have particular access rights. If the user is on the LAN or Wi-Fi, the access rights to the applications may also change.

With pxGrid, ISE can provide contextual understanding of devices to the SIEM platform and receive instructions on how to remediate the issue, such as blocking devices or quarantining users.

To support the level of collaboration required with pxGrid, Cisco announced a series of partnerships with various SIEM vendors to form the Cisco Security Threat Defense Ecosystem. Partners include HP ArcSight, IBM, Lancope, LogRhythm, TIBCO LogLogic, Splunk, and Symantec. Mobile device management systems from IBM, Citrix, AirWatch, Good Technology, SAP, MaaS360, and MobileIron are also part of the Cisco Security Threat Defense Ecosystem.

“Through ISE, the Cisco Security Threat Defense Ecosystem provides this context, integrating with SIEM/threat defense systems to create policies and analytics based not just on network patterns, but also on type of device and class of user,” Cisco said.

The goal is to get past fragmented networks with silos of information that currently marks enterprise networks and build an integrated platform that can communicate openly between users on different networks.

CareFusion, a Cisco customer, has ISE in its labs and integrated with Lancop’e WebThreat and Cisco’s Netflow. The cyber-defense trifecta “gives CareFusion the network visibility and security context to respond to security threats much more efficiently,” said Bart Lauwers, vice-president of IT infrastructure at CareFusion. The company can now use ISE to figure out the “who/what/when/where/how associated with a potential threat,” and respond to the incident quickly, Lauwers said.

Cisco is testing pxGrid and ISE with select customers, with general availability expected during the first quarter of 2014.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Funding/M&A

The private equity firm merges the newly acquired ForgeRock with Ping Identity, combining two of the biggest names in enterprise IAM market.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...