Access and Policy License Double Click
|
|
- Barry Taylor
- 5 years ago
- Views:
Transcription
1 Access and Policy License Double Click Matt Schmitz April 2015
2 Agenda License Refresher Positioning Old vs New Renewals Wrap-up Cisco Con!dential 2
3 Cisco Identity Services Engine (ISE) Delivering Visibility, Context, and Control to Secure Network Access NETWORK / USER CONTEXT PARTNER CONTENT DATA Who What THE CENTERPIECE FOR CONSISTENT SECURITY ACROSS WIRED, WIRELESS & VPN Cisco Con!dential 3
4 Why ISE Is Important Policy + Infrastructure + Security di#erentiation (!ght point product sales) Professional services attach (retire quota) Widen conversation with your customer s organization (BYOD -> new enterprise apps -> lines of business) Eco-system integration allows partners to sell portfolio Bolster cross selling opportunities (AC -> ASA, AMP, CWS, etc)
5 Quick Refresher Why New License Structure Line up licenses tiers with di#erent enterprise use cases (e.g. pro!ling + BYOD vs forcing customer to buy all Advanced) Right size customer expenditure based on what they need Ensure consistent selling motion with AC (same as all the other headends) Break out 3 rd Party MDM/EMM integration (Meraki alignment)
6 1.3 License Changes Use Case Focused What s Changing with ISE 1.2 Licensing? * ISE Base/Plus/Apex under ATP * AnyConnect Apex not under ATP O L D Base (Perpetual Lic.)! AAA! 802.1X! Guest Plus (Term Lic.)! BYOD! Pro!ling & Feed Service! TrustSec SGT! Endpoint Protection Svcs! BYOD! Pro!ling! Feed Service! TrustSec SGT Advanced (Term Lic.)! Endpoint Protection Svcs.! MDM 3 rd Party! Endpoint Compliance & Remediation N E W Base (Perpetual Lic.)! AAA! 802.1X! Enhanced Guest! TrustSec! Multiple APIs Plus (Term Lic.)! BYOD! Internal CA! Pro!ling & Feed Service! EPS! pxgrid Apex (Term Lic.) NEW!! MDM 3 rd Party Integration! Endpoint Compliance & Remediation NEW! AC Apex (Term Lic.)! Uni!ed Posture Agent! All APEX VPN Services! Base License Remains The Same In ISE 1.3! Plus License Remains The Same In ISE 1.3! Advanced decomposed into Plus and Apex and then Apex into Headend (ISE Apex) and Endpoint (AC Apex) Cisco Con!dential 6
7 Selling Motion Old Subset ADVANCED New Subset APEX AC APEX Compliance Veri!cation of user-based compute platforms Everywhere PLUS Context Visibility and sharing throughout network Everywhere BASE Everywhere BASE Access Core AAA services throughout the network Cisco Con!dential 7
8 What does a la carte mean - Enables Flexible Combinations Grey Box = Deployment AC APEX APEX APEX APEX BASE BASE PLUS APEX Licenses > BASE licenses Not Allowed BASE APEX AC APEX PLUS BASE PLUS PLUS PLUS Licenses > BASE licenses Not Allowed BASE BASE BASE Licenses Any Other Licenses Cisco Con!dential 8
9 Examples - I Want Basic Access + Guest BASE Cisco Con!dential 9
10 Examples I Want BYOD + Pro!ling PLUS BASE Cisco Con!dential 10
11 Examples I Want 3 rd Party MDM Integration APEX BASE Cisco Con!dential 11
12 Examples I Want Endpoint Compliance (Posture) APEX AC APEX BASE Cisco Con!dential 12
13 Examples I Want It All (Guest, Pro!ling, 3 rd Party MDM/ EMM, Posture, Advanced VPN) APEX AC APEX PLUS BASE Cisco Con!dential 13
14 Wireless -> Mobility ISE 1.2 WIRELESS (Term) All ISE Services >Wireless Devices ONLY WIRELESS UPGRADE (Term) Add Wired Services Mobility Adds VPN Access - AC Apex Ordered Separately ISE 1.3 MOBILITY-BASE MOBILITY* (Term) (Term) Basic All ISE RADIUS services (same AAA as existing Guest Wireless Services Lic) Only for Wireless & Remote Access (No Device Registered via Guest Portal Wired Services) >Wireless & Remote Access Devices Option to add AC Apex NEW! MOBILITY UPGRADE** (Term) Add Wired Services NEW! * Mobility Cisco Not and/or Under its a"liates. All ATP rights reserved. AC APEX ** Mobility Upgrade Cisco Under Con!dential ATP 14
15 Agenda License Refresher Positioning Old vs New Renewals Wrap-up Cisco Con!dential 15
16 Base (Perpetual) Positioning Core Features AAA/ RADIUS Guest Services TrustSec/ SGT Use Case X - MAC Authentication Bypass - Centralized Web Auth - Sponsor controlled guest access - Self-serve guest access Value - Secure, credential/certi!cate enterprise access to separate friend from foe - Simple device ID-based access as alternative to 802.1X - Portals driven interaction allows IT to di#erentiate users - Employee empowered to host guests - Secure visitor access without burdening IT - Software De!ned Segmentation - Simpli!es!rewall rule, ACL, VLAN management without costly re-architecture Aruba - Has Guest/AAA/RADIUS o#er but much more expensive than BASE Forescout - Does not have Guest only o#er - No TrustSec/Segmentation - No TrustSec/Segmentation, Non-scalable control architecture -> troubleshooting issues
17 Plus (5/3/1 YR Term) Positioning Core Features Pro!ling BYOD Use Case - Active and Passive Probes - Feed Service - Easy User Onboarding with Self- Service Device Portal - Built in CA for System Operations, Portals and Device Registration Value - Combination of endpoint scanning services delivers robust identi!cation - New, vetted devices means faster onboarding and lower number of unknowns - Simplifying BYOD removes burden from IT - Avoids added CA expense and operational complexity within IT domains pxgrid - Context-focused eco-system - Make disparate IT solutions smarter Aruba - No standards-based eco-system, API scale issues - Limited probes, no automatic feed service, OnBoard + Guest cost more than Base + Plus Forescout - No standards-based eco-system, API scale issues, pay for integrations - No feed service, limited BYOD capabilities (e.g. no CA)
18 Apex (5/3/1 YR Term) Positioning Core Features Posture MDM Integration Use Case - Endpoint compliance checks across wired, wireless and VPN - Endpoint remediation - Leverage Meraki / 3 rd Party MDM context to enable mobile access Value - Prevent/limit network access for noncompliant devices across entire enterprise lowers security risks ( before action) - Allow users to bring endpoints into compliance without increasing IT workload - Ensure mobile devices get proper level of access for services they need and maximize user productivity Aruba Forescout - No integrated VPN agent - No integrated VPN agent - Clientless story only applies to Windows and requires common admin credentials - No optional security services (CWS, AMP) - No optional security services (CWS, AMP)
19 Agenda License Refresher Positioning Old vs New Renewals Wrap-up Cisco Con!dential 19
20 Per-endpoint pricing by license SKU (slight premium for AnyConnet as posture agent) $160,00 $140,00 $120,00 $100,00 $80,00 Base Lic Base+Plus Lic Base+Plus+ISE APEX+AC APEX Base+Adv Lic $60,00 Base+Adv+AC Premium $40,00 $20,00 $0, Cisco Con!dential 20
21 Advanced vs A La Carte Posture Only Example " Old License Model - 100K Base + 50K Adv (3 yr) - $87,500 + $1,242,000 = $1,329,500 vs " New License Model - 100K Base + 50K Apex (3 yr) + 50K AC Apex (3 yr) - $87,500 + $745,300+ $195,600 = $1,028,400 Moving to a la carte allows customers to right size consumption This saves customer money even with cost of ISE Apex and AC Apex Cisco Con!dential 21
22 Advanced vs A La Carte Posture + Pro!ling Example " Old License Model - 100K Base + 50K Adv (3 yr) - $87,500 + $1,242,000 = $1,329,500 vs " New License Model - 100K Base + 50K Plus (3 yr) + 50K Apex (3 yr) + 50K AC Apex (3 yr) - $87,500 + $497,000 + $745,300+ $195,600 = $1,525,400 Premium of ~ $200K but now services on spread across 100K vs just 50K So 14.7% cost increase for 100% increase in service expansion Cisco Con!dential 22
23 Agenda License Refresher Positioning Old vs New Renewals Wrap-up Cisco Con!dential 23
24 Renew Options for 1.1 and 1.2 Count A / Term X Term Expires #1 - Same Count A / Term X Renew Option # 2 More Count B / Term X ADVANCED or WIRELESS ADVANCED or WIRELESS # 3 Less Count C / Term X ADVANCED or ADVANCED or WIRELESS #4 - Length Count A / Term Y ADVANCED or WIRELESS WIRELESS #5 No Renew (Adv Only) Cisco Con!dential 24
25 Renew Options for Count A / Term X ADVANCED and/or PLUS Term Expires # 6 Mix Count D / Term X ADVANCED and Count E / Term X PLUS Renew Option #1-5 Same as Before # 7 Downgrade Count A / Term X PLUS # 8 Add (to Base) Count F / Term X PLUS WIRELESS #1-5 Same as Before Cisco Con!dential 25
26 Renew Options for 1.3 Count A / Term X APEX and/or AC APEX and/or PLUS Term Expires # 9 Alter Count D / Term X APEX and Count A / Term X PLUS Renew Option #1-8 Same as Before # 10 Phase Count A / Term X PLUS and Count A / Term X-2 APEX MOBILITY #1-5 Same as Before Cisco Con!dential 26
27 Upgrade to 1.3 What Happens -> Auto Convert ISE 1.2 Count A / Perpetual Count B / Term C Count B / Term C BASE PLUS ADVANCED APEX ISE 1.3 Count A / Perpetual BASE Count B / Term C PLUS Count B / Term C PLUS + Count B / Term C* APEX *Hang On AC Apex/ Cisco Con!dential 27 Posture in Next Slide
28 Existing ISE Adv Customer - Motion Grandfathered under old model - Get as many AC Apex as needed for remainder of Adv term - At renewal, decide how much Plus, Apex and AC Apex is needed - Wireless -> Mobility Exact same motion ($0 PO for AC Apex) - DSA Field Deals Desk / BU!nance will rubberstamp transaction ISE 1.2 (or lower) Upgrade to 1.3 Renewal APEX *AC Apex Licenses at $0 are only available to ISE Advanced customers who bought prior to Q3 FY 2015 AC APEX* ADVANCED NAC Agent BASE + AC APEX* $0 PO for as many users as required Base/Plus/Apex Licensed on ISE while AnyConnect Apex is just Right-To-Use PLUS BASE Cisco Con!dential 28
29 Agenda License Refresher Positioning Old vs New Renewals Wrap-up Cisco Con!dential 29
30 Cisco ISE is Core to Cisco Security Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web + Security Network Behavior Analysis NAC + Identity Services pxgrid + ISE Ecosystem ISE Provides Visibility, Context, and Control Across the Entire Continuum
31 Where to sell Question Yes No 1 Has your customer recently suffered a security breach? What about their industry peers? 2 3 Does your customer s workforce using a range of mobile devices? Are exploring how mobile will impact their business? Does your customer have different types of users (employees, contractors, partners, etc) accessing the network? 4 Do they have frequent guests that need Internet access or other services? 5 6 Are they expanding, merging, moving into a new building, or consolidating sites and want to evolve how IT delivers services? Are they in an industry where regulations or legislation has a direct impact on information security or operational risk and segmenting information is becoming a pressing concern? 7 Is enforcing business policies an operational nightmare due to complex IP based firewall rules 8 Are they an organization that has many different devices accessing the network? 9 Are they struggling with disparate security systems that lack contextual intelligence? 10 Do they have users that access the network via wired, wireless and VPN?
32 Questions?
33
34 Simplifying Guest Access for the Enterprise Corporate Branding and Themes Desktop & Mobile Ready! Create Accounts Streamlined Guest Creation Print SMS Mobile Guest Sponsorship Your credentials username: trex42 password: littlearms Guest Access Noti!cation via SMS Design Easily in Minutes, Deploy Securely in Just Hours Cisco Con!dential 34
35 Cisco TrustSec Software-De!ned Segmentation Control Access to Resources Based on Business Policies access-list 102 permit icmp lt 2361 X.Y.Z eq 116 access-list 102 deny udp eq 1112 X.Y.Z eq 959 access-list 102 deny tcp eq 2587 X.Y.Z lt 4993 access-list 102 deny tcp eq 970 X.Y.Z lt 848 access-list 102 deny ip eq 1493 X.Y.Z gt 4878 access-list 102 permit icmp lt 4962 X.Y.Z eq 1216 access-list 102 deny icmp gt 26 X.Y.Z gt 1111 access-list 102 deny ip eq 3914 X.Y.Z eq 4175 access-list 102 permit tcp lt 3146 X.Y.Z gt 1462 access-list 102 permit tcp gt 1843 X.Y.Z lt 4384 access-list 102 permit icmp eq 946 X.Y.Z eq 878 access-list 102 permit ip gt 3972 X.Y.Z eq 467 Traditional Security Policy Simpli!es Firewall Rule, ACL, VLAN Management Prevents Lateral Movement of Potential Threats Eliminates Costly Network Re-architecture Switch Router VPN & Firewall DC Switch Wireless Controller TrustSec Security Policy Segmentation Policy Enforced Across the Extended Network Cisco Con!dential 35
36 Dynamic Control with Rich Contextual Pro!ling Simple Identity Simply Isn t Helpful Enough Anymore POOR context awareness # Simple Identity - Who are you? # IP Address RESULT: Any user, Any device, Anywhere gets on the network EXTENSIVE context awareness # RICHER Identity Who? # Bob What? # ios Tablet Where? # Building 200, 1 st Floor When? # 11:00 AM EST on April 10 th RESULT: The Right user, on right device, from the right place is granted the RIGHT ACCESS
37 Streamlining BYOD and Enterprise Mobility Reducing the Complexity of Managing BYOD and Device Onboarding Improved Device Recognition Integrated Native Certi!cate Authority for Devices Desktop & Mobile Ready! Customizable Branded Experiences Easy User Onboarding with Self-Service Device Portals Comprehensive Device Security with Posture and EMM Cisco Con!dential 37
38 Streamline Security Operations with ISE Ecosystem Connect Disparate Solutions and Reduce Threat Response Time Faster Remediation of Threats with SIEM / TD Extension of Access Policy & Compliance with MDM Context-driven OT Policy and Segmentation for IoT Endpoint Vulnerability Remediation Simpli!ed Network Troubleshooting and Forensics SSO Secure Access to Sensitive Data on Mobile Devices Cisco Con!dential 38
39 Uni!ed Agent Common agent across wired, wireless & VPN Supports device posture & authorization across multiple access methods Simpli!es management with only one agent Prevents non-compliant devices from accessing the network Cisco Con!dential 39
40 Enterprise Mobility Management Integrations Enforce True Device Compliance for All Mobile Devices Sees unregistered devices on the network? Forces EMM Policy Compliance? Keeps noncompliant devices o# network? Sees ALL devices on the network Requires devices to comply with EMM policy Provides guest access to non-emm devices EMM Secures Actual Device SOLUTION ISE + EMM Together Cisco ISE Secures Network Access Cisco Con!dential 40
Partner Webinar. AnyConnect 4.0. Rene Straube Cisco Germany. December 2014
Partner Webinar AnyConnect 4.0 Rene Straube Cisco Germany December 2014 Agenda Introduction to AnyConnect 4.0 New Licensing Scheme for AnyConnect 4.0 How to migrate to the new Licensing? Ordering & Migration
More informationCisco Secure Access Control
Cisco Secure Access Control Delivering Deeper Visibility, Centralized Control, and Superior Protection Martin Briand - Security Escalation VSE Global Virtual Engineering Oriol Madriles Soriano Security
More informationCisco Identity Services Engine
Ordering Guide Cisco Identity Services Engine Ordering Guide August 2017 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 23 Contents 1. Introduction...
More informationIdentity Based Network Access
Identity Based Network Access Identity Based Network Access - Agenda What are my issues Cisco ISE Power training What have I achieved What do I want to do What are the issues? Guest Student Staff Contractor
More informationCisco ISE Features. Cisco Identity Services Engine Administrator Guide, Release 1.4 1
Cisco ISE Overview, page 2 Key Functions, page 2 Identity-Based Network Access, page 2 Support for Multiple Deployment Scenarios, page 3 Support for UCS Hardware, page 3 Basic User Authentication and Authorization,
More informationCisco ISE Licenses. Your license has expired. If endpoint consumption exceeds your licensing agreement.
This chapter describes the licensing mechanism and schemes that are available for Cisco ISE and how to add and upgrade licenses., on page 1 Manage Traditional License Files, on page 2 Cisco ISE licensing
More informationClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead
ClearPass Ecosystem Tomas Muliuolis HPE Aruba Baltics lead 2 Changes in the market create paradigm shifts 3 Today s New Behavior and Threats GenMobile Access from anywhere? BYOD Trusted or untrusted? Bad
More informationCisco ISE Features Cisco ISE Features
Cisco ISE Overview, on page 2 Key Functions, on page 2 Identity-Based Network Access, on page 3 Support for Multiple Deployment Scenarios, on page 3 Support for UCS Hardware, on page 3 Basic User Authentication
More information2012 Cisco and/or its affiliates. All rights reserved. 1
2012 Cisco and/or its affiliates. All rights reserved. 1 Policy Access Control: Challenges and Architecture UA with Cisco ISE Onboarding demo (BYOD) Cisco Access Devices and Identity Security Group Access
More informationCisco ISE Licenses. You cannot upgrade the Evaluation license to an Plus and/or Apex license without first installing the Base license.
This chapter describes the licensing mechanism and schemes that are available for Cisco ISE and how to add and upgrade licenses., on page 1 License Consumption, on page 3 Manage License Files, on page
More informationReviewer s guide. PureMessage for Windows/Exchange Product tour
Reviewer s guide PureMessage for Windows/Exchange Product tour reviewer s guide: sophos nac advanced 2 welcome WELCOME Welcome to the reviewer s guide for NAC Advanced. The guide provides a review of the
More informationHow-To Threat Centric NAC Cisco AMP for Endpoints in Cloud and Cisco Identity Service Engine (ISE) Integration using STIX Technology
How-To Threat Centric NAC Cisco AMP for Endpoints in Cloud and Cisco Identity Service Engine (ISE) Integration using STIX Technology Author: John Eppich Table of Contents About this Document... 3 Introduction
More informationCLEARPASS CONVERSATION GUIDE
CLEARPASS CONVERSATION GUIDE Purpose: Goal: How to use: This document is designed to help you steer customer discussions with respect to the ClearPass solution. It will be useful as an initial conversation
More informationSecuring the Empowered Branch with Cisco Network Admission Control. September 2007
Securing the Empowered Branch with Cisco Network Admission Control September 2007 Presentation_ID 2006 Cisco Systems, Inc. All rights reserved. 1 Contents 1 The Cisco Empowered Branch 2 Security Considerations
More informationCisco AnyConnect. Ordering Guide. June For further information, questions, and comments, please contact
Ordering Guide Cisco AnyConnect Ordering Guide June 2016 For further information, questions, and comments, please contact anyconnect-pricing@cisco.com. 2016 Cisco and/or its affiliates. All rights reserved.
More informationCisco Identity Services Engine
Data Sheet Enterprise networks are more dynamic than ever before, servicing an increasing number of users, devices, and access methods. Along with increased access and device proliferation comes an increased
More informationVendor: Cisco. Exam Code: Exam Name: Implementing Cisco Secure Access Solutions. Version: Demo
Vendor: Cisco Exam Code: 300-208 Exam Name: Implementing Cisco Secure Access Solutions Version: Demo QUESTION 1 By default, how many days does Cisco ISE wait before it purges the expired guest accounts?
More informationThe Context Aware Network A Holistic Approach to BYOD
The Context Aware Network A Holistic Approach to BYOD Trends Bring Your Own Device BYOD at Cisco Cisco BYOD Solution Use Cases Summary Trends #CiscoPlusCA Demand for Mobility 15 billion new networked mobile
More informationForeScout ControlFabric TM Architecture
ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%
More informationEnterprise Guest Access
Data Sheet Published Date July 2015 Service Overview Whether large or small, companies have guests. Guests can be virtually anyone who conducts business with the company but is not an employee. Many of
More informationQuestion: 1 The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?
Volume: 385 Questions Question: 1 The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node? A. tcp/8905 B. udp/8905 C. http/80 D. https/443 Answer: A Question:
More informationCisco Identity Services Engine (ISE) Mentored Install - Pilot
Cisco Identity Services Engine (ISE) Mentored Install - Pilot Skyline Advanced Technology Services (ATS) offers Professional Services for a variety of Cisco-centric solutions. From inception to realization,
More informationATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK
PARTNER BRIEF ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK INTRODUCTION Attivo Networks has partnered with Cisco Systems to provide advanced real-time inside-the-network
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More informationCertKiller q
CertKiller.500-451.28q Number: 500-451 Passing Score: 800 Time Limit: 120 min File Version: 5.3 500-451 Cisco Unified Access Systems Engineer Exam I just passed today with 89%. My sole focus was the VCE.
More informationIntroduction to ISE-PIC
User identities must be authenticated in order to protect the network from unauthorized threats. To do so, security products are implemented on the networks. Each security product has its own method of
More informationSecure wired and wireless networks with smart access control
Secure wired and wireless networks with smart access control Muhammad AbuGhalioun Senior Presales Consultant Hewlett-Packard Enterprise Aruba Saudi Arabia Managing risk in today s digital enterprise Increasingly
More informationSECURE NETWORK ACCESS
SECURE NETWORK ACCESS The Security Problem Changing Business Models Dynamic Threat Landscape Complexity & Fragmentation 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confiden5al 3 Mobility
More informationIntroducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer
Introducing Secure Access for the Next Generation Bram De Blander Sales Engineer bdeblander@pulsesecure.net What CIOs are asking Mobility Cloud Apps IoT Is our firewall security and EMM system good enough?
More informationBusiness Resiliency Through Superior Threat Defense
Business Resiliency Through Superior Threat Defense Firepower 2100 Series/ Cisco Identity Services Engine Andre Lambertsen, Consulting Systems Engineer ala@cisco.com Cisco Firepower NGFW Fully Integrated
More informationCLEARPASS GUEST. A ClearPass Policy Manager Application DATA SHEET KEY FEATURES THE CLEARPASS ADVANTAGES
A ClearPass Policy Manager Application ClearPass Guest is a scalable, easy-to-use visitor management solution that delivers secure automated guest access workflows for visitors, contractors, partners,
More informationCisco TrustSec How-To Guide: Central Web Authentication
Cisco TrustSec How-To Guide: Central Web Authentication For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table of Contents Table of Contents... 1
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationTITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF:
CASE STUDY Ruckus Enrollment System (ES) software is a security and policy management platform that enables IT to easily and definitively secure the network, secure users and secure wired and wireless
More informationAby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.
Aby se z toho bezpečnostní správci nezbláznili aneb Cisco security integrace Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace Milan Habrcetl Cisco CyberSecurity Specialist Mikulov,
More informationIntelligent Edge Protection
Intelligent Edge Protection Sicherheit im Zeitalter von IoT und Mobility September 26, 2017 Flexible consumption Beacons, sensors and geo-positioning Driven by agile DevOps Mobile users, apps and devices
More informationARUBA CLEARPASS POLICY MANAGER
ARUBA CLEARPASS POLICY MANAGER The most advanced policy management platform available The Aruba Policy Manager platform provides role- and device-based network access control for employees, contractors
More informationDelivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE
Delivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE Bhumik Patel Solutions Architect, Citrix Systems May 21 st 2013 App Complete Enterprise Mobility Business Apps Productivity and Collaboration
More information2013 InterWorks, Page 1
2013 InterWorks, Page 1 The BYOD Phenomenon 68% of devices used by information workers to access business applications are ones they own themselves, including laptops, smartphones, and tablets. IT organizations
More informationSecure Mobility. Klaus Lenssen Senior Business Development Manager Security
Secure Mobility Klaus Lenssen Senior Business Development Manager Security KL Secure Mobility 2008 Cisco Systems, Inc. All rights reserved. Cisco public 1 Complete Your Online Session Evaluation Please
More informationCisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer
Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability
More informationSecurity Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis
Security Automation Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis Network Admission Control See Managed Unmanaged Computing
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationISE Version 1.3 Self Registered Guest Portal Configuration Example
ISE Version 1.3 Self Registered Guest Portal Configuration Example Document ID: 118742 Contributed by Michal Garcarz and Nicolas Darchis, Cisco TAC Engineers. Feb 13, 2015 Contents Introduction Prerequisites
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationChristopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud
Christopher Covert Principal Product Manager Enterprise Solutions Group Copyright 2016 Symantec Endpoint Protection Cloud THE PROMISE OF CLOUD COMPUTING We re all moving from challenges like these Large
More informationSecure Access - Update
Secure Access - Update for people, devices, things and services Jonas Gyllenhammar Senior Consultant Engineer - Specialist The New Reality All Major OSs One Client On-the-go Home network Untrusted LAN
More informationQuickSpecs. Aruba ClearPass Guest Software. Overview. Aruba ClearPass Guest Software A ClearPass Policy Manager Application.
Overview A ClearPass Policy Manager Application Product overview ClearPass Guest is a scalable, easy-to-use visitor management solution that delivers secure automated guest access workflows for visitors,
More informationSecure Network Access for Personal Mobile Devices
White Paper Secure Network Access for Personal Mobile Devices What You Will Learn People around the globe are enamored with their smartphones and tablet computers, and they feel strongly that they should
More informationXerox and Cisco Identity Services Engine (ISE) White Paper
Xerox and Cisco Identity Services Engine (ISE) White Paper Contents Securing Your Networked Printing Devices... 1 Providing Security in an Internet of Things World... 1 Cisco ISE: A Powerful, Simple and
More informationIntegrating Meraki Networks with
Integrating Meraki Networks with Cisco Identity Services Engine Secure Access How-To guide series Authors: Tim Abbott, Colin Lowenberg Date: April 2016 Table of Contents Introduction Compatibility Matrix
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationHiveManager Local Cloud
DATA SHEET HiveManager Local Cloud Enterprise Access Network Management Offering Intuitive Configuration Workflows, Real-Time & Historical Monitoring, and Simplified Troubleshooting DATASHEET HiveManager
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationSpeaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec
SIE3197BE Secure Your Windows 10 and Office 365 Deployment with VMware Security Solutions Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel #VMworld #SIE3197BE Speaker Introduction
More informationHow to Control Who Gets Onto Your Network A Large Systemic Bank s Security Case Study
How to Control Who Gets Onto Your Network A Large Systemic Bank s Security Case Study Nikos Mourtzinos, CCIE #9763 Cyber Security Sales Specialist, Cisco nmourtzi@cisco.com Algosystems, 4/2018 Christos
More informationVisibility, control and response
Visibility, control and response Protecting Clients and Unifying Policy Tomas Muliuolis Baltics Lead September 2018 Today s Escalating Customer Challenges Advanced attacks and unforeseen threats continue
More informationA New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization
A New Security Model for the IoE World Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization Internet of Everything The Internet of Everything brings together people, process, data and
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationISE Identity Service Engine
CVP ISE Identity Service Engine Cisco Validated Profile (CVP) Series 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents 1. Profile introduction...
More informationForeScout Extended Module for VMware AirWatch MDM
ForeScout Extended Module for VMware AirWatch MDM Version 1.7.2 Table of Contents About the AirWatch MDM Integration... 4 Additional AirWatch Documentation... 4 About this Module... 4 How it Works... 5
More informationARUBA CLEARPASS NETWORK ACCESS CONTROL
Device Visibility, Control and Attack Response for the Enterprise Gartner is forecasting 70 billion connected devices by 2020. Laptops, smartphones, tablets and Internet of Things (IoT) devices are pouring
More informationSupport Device Access
Personal Devices on a Corporate Network (BYOD), on page 1 Personal Device Portals, on page 2 Support Device Registration Using Native Supplicants, on page 7 Device Portals Configuration Tasks, on page
More informationAdaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia
Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia F5 EMEA Webinar Listopad 2014 Andrzej Kroczek Field Systems Engineer Today s Network and App Access: So Many Variables! LOCATIONS USERS DEVICES
More informationWHY YOUR NAC PROJECTS KEEP FAILING: ADDRESSING PRODUCTS, PEOPLE, PROCESSES
SESSION ID: TECH-W14 WHY YOUR NAC PROJECTS KEEP FAILING: ADDRESSING PRODUCTS, PEOPLE, PROCESSES Jennifer Minella VP of Engineering & Security Carolina Advanced Digital, Inc. @jjx securityuncorked.com @CADinc
More informationStop Threats Before They Stop You
Stop Threats Before They Stop You Gain visibility and control as you speed time to containment of infected endpoints Andrew Peters, Sr. Manager, Security Technology Group Agenda Situation System Parts
More informationSecure Access for Microsoft Office 365 & SaaS Applications
Best Practices Guide Secure Access for Microsoft Office 365 & SaaS Applications Implement Robust Compliance for All Users, All Devices, and All Data This guide illustrates best practices for secure Office
More informationFor Sales Kathy Hall
IT4E Schedule 13939 Gold Circle Omaha NE 68144 402-431-5432 Course Number Course Name Course Description For Sales Chris Reynolds 402-963-4465 creynolds@it4e.com www.it4e.com SISE v1.1 SKY For Sales Kathy
More informationP ART 3. Configuring the Infrastructure
P ART 3 Configuring the Infrastructure CHAPTER 8 Summary of Configuring the Infrastructure Revised: August 7, 2013 This part of the CVD section discusses the different infrastructure components that are
More informationContents. Introduction. Prerequisites. Requirements. Components Used
Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram ASA ISE Step 1. Configure Network Device Step 2. Configure Posture conditions and policies Step 3. Configure Client
More informationKlaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access
Klaudia Bakšová System Engineer Cisco Systems Cisco Clean Access Agenda 1. Securing Complexity 2. NAC Appliance Product Overview and In-Depth 3. NAC Appliance Technical Benefits The Challenge of Securing
More informationTech update security 30 /
Tech update security 30 / 5-2017 ISE 2.2 + 2.3 update Context Visibility Enhancements PassiveID Enhancements WMI Agent SPAN Syslog TS Agent ISE-PIC Installation Licensing and Upgrade PxGrid Enhancements
More informationZero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers
Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere How Okta enables a Zero Trust solution for our customers Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107 info@okta.com
More informationForeScout Extended Module for MobileIron
Version 1.8 Table of Contents About MobileIron Integration... 4 Additional MobileIron Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationCisco TrustSec How-To Guide: Universal Configuration for the Cisco Wireless LAN Controller
Cisco TrustSec How-To Guide: Universal Configuration for the Cisco Wireless LAN Controller For Comments, please email: howtoguides@external.cisco.com Current Document Version: 3.0 August 27, 2012 Table
More informationCisco ASA Next-Generation Firewall Services
Q&A Cisco ASA Next-Generation Firewall Services Q. What are Cisco ASA Next-Generation Firewall Services? A. Cisco ASA Next-Generation Firewall Services are a modular security service that extends the Cisco
More informationONE POLICY. Tengku Shahrizam, CCIE Asia Borderless Network Security 20 th June 2013
ONE POLICY Tengku Shahrizam, CCIE Asia Borderless Network Security 20 th June 2013 Agenda Secure Unified Access with ISE Role-Based Access Control Profiling TrustSec Demonstration How ISE is Used Today
More informationMobile Device Management: A Real Need for the Mobile World
Mobile Device Management: A Real Need for the Mobile World In today s modern workplace, employees are utilizing a variety of mobile devices both in and out of the office. Gone are the days when employees
More informationSupport Device Access
Personal Devices on a Corporate Network (BYOD), on page 1 Personal Device Portals, on page 2 Support Device Registration Using Native Supplicants, on page 8 Device Portals Configuration Tasks, on page
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-BOaRDING and Securing DEVICES IN YOUR Corporate NetWORk PrepaRING YOUR NetWORk to MEEt DEVICE DEMaND The proliferation of smartphones and tablets brings increased
More informationThe threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationIntroducing Cisco Identity Services Engine for System Engineer Exam
Introducing Cisco Identity Services Engine for System Engineer Exam Number: 650-474 Passing Score: 800 Time Limit: 120 min File Version: 4.1 http://www.gratisexam.com/ Cisco 650-474 Introducing Cisco Identity
More informationThe Cisco BYOD Smart Solution
1 Security, Flexibility, and Performance for Any Workspace 2 Today, organizations have various devices on their networks. To manage the proliferation of personal devices, bring your own device (BYOD) policies
More informationManufacturing security: Bridging the gap between IT and OT
Manufacturing security: Bridging the gap between IT and OT For manufacturers, every new connection point is an opportunity. And a risk. The state of IT/OT security in manufacturing On the plant floor,
More informationCloud Mobility: Meraki Wireless & EMM
BRKEWN-2002 Cloud Mobility: Meraki Wireless & EMM Emily Sporl Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile
More informationData Center Security. Fuat KILIÇ Consulting Systems
Data Center Security Fuat KILIÇ Consulting Systems Engineer @Security Data Center Evolution WHERE ARE YOU NOW? WHERE DO YOU WANT TO BE? Traditional Data Center Virtualized Data Center (VDC) Virtualized
More informationGuest Access User Interface Reference
Guest Portal Settings, page 1 Sponsor Portal Application Settings, page 17 Global Settings, page 24 Guest Portal Settings Portal Identification Settings The navigation path for these settings is Work Centers
More informationSegment Your Network for Stronger Security
Segment Your Network for Stronger Security Protecting Critical Assets with Cisco Security 2017 Cisco and/or its affiliates. All rights reserved. 2017 Cisco and/or its affiliates. All rights reserved. The
More informationImplementing Cisco Edge Network Security Solutions ( )
Implementing Cisco Edge Network Security Solutions (300-206) Exam Description: The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to
More informationCisco Self Defending Network
Cisco Self Defending Network Integrated Network Security George Chopin Security Business Development Manager, CISSP 2003, Cisco Systems, Inc. All rights reserved. 1 The Network as a Strategic Asset Corporate
More informationExamTorrent. Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you
ExamTorrent http://www.examtorrent.com Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you Exam : 400-251 Title : CCIE Security Written Exam (v5.0) Vendor : Cisco Version
More informationComponent Assessment
4 CHAPTER Component Assessment This chapter discusses the function of each component and how it helps to address PCI DSS 2.0 compliance requirements. Each component was assessed by Verizon Business. This
More informationGuest Service Changes
Service Changes The Services administration is now much simplified. The configuration is centralized in the Admin portal under the Access menu. There are several changes in Cisco ISE Web Portals between
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 700-505 EXAM QUESTIONS & ANSWERS Number: 700-505 Passing Score: 800 Time Limit: 120 min File Version: 18.5 http://www.gratisexam.com/ CISCO 700-505 EXAM QUESTIONS & ANSWERS Exam Name: SMB Specialization
More informationUser-to-Data-Center Access Control Using TrustSec Design Guide
CISCO VALIDATED DESIGN User-to-Data-Center Access Control Using TrustSec Design Guide October 2015 REFERENCE NETWORK ARCHITECTURE Table of Contents About This Document... 1 Cisco TrustSec Overview... 2
More informationCisco ISE pxgrid App 1.0 for IBM QRadar SIEM. Author: John Eppich
Cisco ISE pxgrid App 1.0 for IBM QRadar SIEM Author: John Eppich Table of Contents About This Document... 4 Solution Overview... 5 Technical Details... 6 Cisco ISE pxgrid Installation... 7 Generating the
More informationIntroduction to 802.1X Operations for Cisco Security Professionals (802.1X)
Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) The goal of the course is to provide students with foundational knowledge in the capabilities and functions of the IEEE 802.1x
More informationCisco ONE for Access Wireless
Data Sheet Cisco ONE for Access Wireless Cisco ONE Software overview Cisco ONE Software helps customers purchase the right software capabilities to address their business needs. It helps deliver reduced
More information