Cisco Secure Access Control

Similar documents
Always-on Endpoint Remote Access and Protection with Cisco AnyConnect

Identity Based Network Access

Access and Policy License Double Click

Cisco ISE Features Cisco ISE Features

Cisco ISE Ports Reference

Cisco ISE Features. Cisco Identity Services Engine Administrator Guide, Release 1.4 1

Implementing Cisco Edge Network Security Solutions ( )

ONE POLICY. Tengku Shahrizam, CCIE Asia Borderless Network Security 20 th June 2013

Cisco ISE Ports Reference

ISE Identity Service Engine

Borderless Networks. Tom Schepers, Director Systems Engineering

Cisco ISE Ports Reference

Cisco ISE Ports Reference

Tech update security 30 /

Yes, You can protect your endpoints! Szilard Csordas, Security Consultant scsordas [at] cisco.com

Guest Access User Interface Reference

Cisco ISE Licenses. Your license has expired. If endpoint consumption exceeds your licensing agreement.

Cisco Identity Services Engine

Introduction to ISE-PIC

The Context Aware Network A Holistic Approach to BYOD

CertKiller q

Contents. Introduction

Business Resiliency Through Superior Threat Defense

How-To Threat Centric NAC Cisco AMP for Endpoints in Cloud and Cisco Identity Service Engine (ISE) Integration using STIX Technology

Cisco TrustSec How-To Guide: Universal Configuration for the Cisco Wireless LAN Controller

Cisco Stealthwatch Endpoint License with Cisco AnyConnect NVM

Reports. Cisco ISE Reports

AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment

Cisco Identity Services Engine

Compare Security Analytics Solutions

Cisco ISE pxgrid App 1.0 for IBM QRadar SIEM. Author: John Eppich

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

Contents. Introduction. Prerequisites. Requirements. Components Used

Partner Webinar. AnyConnect 4.0. Rene Straube Cisco Germany. December 2014

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Cisco Identity Services Engine (ISE) Mentored Install - Pilot

Cisco ISE Licenses. You cannot upgrade the Evaluation license to an Plus and/or Apex license without first installing the Base license.

Integrating Meraki Networks with

2012 Cisco and/or its affiliates. All rights reserved. 1

Set Up Cisco ISE in a Distributed Environment

First Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

How to Control Who Gets Onto Your Network A Large Systemic Bank s Security Case Study

Cisco Cyber Range. Paul Qiu Senior Solutions Architect

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Secure wired and wireless networks with smart access control

Set Up Cisco ISE in a Distributed Environment

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

Secure Access - Update

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Encrypted Traffic Analytics

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Secure Access Solutions. Version: Demo

ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK

One Management Realized, with Cisco Prime Infrastructure Manage Complexity. Manage Effectively. Manage Intelligently. Closing

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Enhanced Threat Detection, Investigation, and Response

Več kot SDN - SDA arhitektura v uporabniških omrežjih

Exam Questions Demo Cisco. Exam Questions

Configure Client Posture Policies

BYOD: Management and Control for the Use and Provisioning of Mobile Devices

ForeScout ControlFabric TM Architecture

Cisco ONE for Access Wireless

Cisco Exam Questions & Answers

Cisco dan Hotel Crowne Plaza Beograd, Srbija.

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant

Configure Client Posture Policies

Cisco Security Exposed Through the Cyber Kill Chain

Infoblox as Part of the Ecosystem

A New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization

Cisco TrustSec How-To Guide: Monitor Mode

Key Security Measures to Enable Next-Generation Data Center Transformation

Visibility, control and response

ForeScout Extended Module for VMware AirWatch MDM

Configure Guest Access

Cisco - ASA Lab Camp v9.0

Stop Threats Before They Stop You

Cloud Mobility: Meraki Wireless & EMM

The Internet of Everything is changing Everything

THE NETWORK. INTUITIVE. Powered by intent, informed by context. Rajinder Singh Product Sales Specialist - ASEAN August 2017

Manage Authorization Policies and Profiles

Configure Guest Access

Agile Security Solutions

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X)

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

ISE Primer.

Cisco NCS Overview. The Cisco Unified Network Solution CHAPTER

How to securely connect user endpoints to network access wireless or wired. Gyorgy Acs Consulting Systems Engineer Cisco

ForeScout Extended Module for MobileIron

Troubleshoot and Enable Debugs on ISE

ForeScout Extended Module for MaaS360

SECURE NETWORK ACCESS

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

DumpsFree. DumpsFree provide high-quality Dumps VCE & dumps demo free download

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco

Transcription:

Cisco Secure Access Control Delivering Deeper Visibility, Centralized Control, and Superior Protection Martin Briand - Security Escalation VSE Global Virtual Engineering Oriol Madriles Soriano Security VSE Global Virtual Engineering June 2016

Our Agenda Cisco Security Orientations Access control with ISE ISE 2.1 and Anyconnect 4.3 New! Announced June 14th ISE 2.1 GUI Demo

Better Security Visibility Securing the Mobile Enterprise Protect Against Advanced Malware Improve Results with Security Services Harden and Segment the Network Security as a Network Driver

Effective Security Is Delivered When The Pieces Work Together. Seamlessly. Our goal is to make security less complex by providing a best of breed portfolio that s deeply integrated and delivers solutions that are superb individually, but vastly more powerful when used together.

Introducing Cisco Identity Services Engine A centralized security solution that automates context-aware access to network resources and shares contextual data Physical or VM Identity Profiling and Posture Role-Based Policy Access Network Resources Who Traditional Cisco TrustSec Network Door What When Where How Guest Access BYOD Access Role-Based Access Context Compliant Secure Access ISE pxgrid Controller

Context Enhances Protection Across the Attack Continuum ISE When Where Who How What BEFORE DURING AFTER Gain visibility into who and what is on your network Grant access on a need to know basis Provide threat context to behavioral analysis Contain through network elements and security ecosystem Get better forensics and prepare for the next attack by sharing information with ecosystem partners

Cisco ISE Features and Licensing Mobility (Term License) ALL Cisco ISE Features, * wireless and VPN only Wired upgrade available No ATP requirement * Unified Agent requires Cisco AnyConnect Apex Apex (Term License) Endpoint compliance and remediation EMM capabilities Cisco AnyConnect Unified Agent services* * Requires Cisco AnyConnect Apex licenses Plus (Term License) Device profiling and feed service BYOD with certificate authority Cisco pxgrid context sharing Endpoint protection services Base (Perpetual License) Radius, AAA, 802.1x Guest services Cisco TrustSec (SGT) MACsec External RESTful services Device Admin (Perpetual License) TACACS+

Anyconnect Centralized Control Superior Protection

AnyConnect Way more than VPN AnyConnect features NEW (FALL2015) Basic VPN Advanced VPN Endpoint Compliance Inspection Service Enterprise Access Threat Protection Network Visibility Cisco AnyConnect Integration with other Cisco solutions ISR ASR / CSR Adaptive Security Appliance (ASA) Identity Services Engine (ISE) Cloud Web Security Services (CWS + WSA) Switches and Wireless Controllers Advanced Malware Protection NetFlow Collectors

Gain Business Insight from Greater Network Data With the Cisco AnyConnect Network Visibility Module What s new for Anyconnect 4.2? The new Cisco AnyConnect Network Visibility Module (NVM) enables greater visibility across users, endpoints, and applications and facilitates analytics on contextual telemetry data. Benefits Build a Holistic View across your entire network with greater insight from behavior analytics and contextual data Defend More Effectively against potential threats with greater visibility that helps you improve segmentation policies Improve Network Operations with forensic analysis to inform design, capacity planning, and troubleshooting Gain Increased Visibility Across Your Network With Cisco AnyConnect 4.2: Local DNS Unique Device ID Domain\User Name Device Name Process Name NetFlow Collector NVM Dashboard Parent Process Name Before: IPFIX record Process Identifier Parent Process Identifier Capabilities Exclude select context variables to meet privacy requirements Collect and send data when on premises and/or VPN connected (including split tunneling) Get 24-hour rolling cache of NetFlow data when disconnected Limit impact on user experience with stream-level interception Gain auditing intelligence with built-in reporting and analytics capabilities Integrate easily with Lancope and LiveAction

4.3 NVM New Features Throttling of Cached Data Flexible Collection Policy ParentProcessHash DestinationHostname DNSSuffix L4ByteCountIn L4ByteCountOut VirtualStationName OSName OSVersion OSEdition SystemType SystemManufacturer Broadcast/Multi cast Suppression New Attributes ModuleNameList ModuleNameHash InterfaceIndex InterfaceIndexType InterfaceIndexName Complete Attribute List

4.3 Posture Framework Changes Currently AnyConnect ISE Posture Module verifies endpoint attributed at time of access or via reassessment window Continuous Monitoring will be a new capability going forward from client USB check is the first More to come (e.g. continuous checking of applications) Opswat v4 Lots of new capabilities to leverage (e.g. Autoupdate)

Deeper Visibility ISE 2.1 Superior Protection

Context Visibility

Context Visibility Wizard Setup in a few clicks:

Context Visibility Stores current state of all endpoints Import Create/Update/Delete REST API Search Visibility Dashboard Export REST API User, Endpoint, Network, Posture, Profile, Location, Threat, Vulnerability, Custom Attributes ~50 default attributes out of the box

Expanded Profiling Capabilities ISE now supports a new Active Directory probe and SMB discovery providing definitive operating system information eliminating guesswork. Custom ports, service and version information provide better information to shrink the pool of devices that stubbornly defy classification.

Threat-Centric NAC

Threat Centric NAC Correlating Threat and Vulnerability Information to reduce Time to Remediate with ISE Network Fabric Visibility and Control VAF VAF Threat Incidents Vulnerability Scoring Cisco ISE Threat Scoring Vulnerable Endpoint Inventory Response in Cisco Infrastructure Discover Vulnerable Embedded IOT Devices Automated containment of vulnerable endpoints based on CVE Score Immediate action on prioritized vulnerability to maximize SOC resources

What is Threat Centric NAC: Vulnerability Security Assessment service leverages industry standards for Vulnerability and Threats. Vulnerable EndPoints based on CVSS Scores

What is Threat Centric NAC: Threat Threat EndPoints based on Incidents and Indicators

EasyConnect

EasyConnect Non-intrusive Passive Login, FULL Control (No 802.1X) Identity Services Engine SXP Uses What s Already There (AD) User Mappings Derived from AD Logins Full Visibility/Control w/o Touching Endpoints Faster, Simpler Deployments for software-defined segmentation Network Access Devices w/o 802.1X AD Logins Microsoft Active Directory Domain Controllers Rest of Network

3 rd Party, Compliance, BYOD, pxgrid & Guest

3 rd Party NAD Phase 2 Auth VLAN & DNS Sink-holing Removes Requirement for URL Redirection Supports all Flows: Hotspot CWA BYOD Posture Remediation SNMP CoA

New 2.1 Compliance Capabilities Microsoft Intune Integration Microsoft SCCM Integration (as MDM) Posture Workcenter USB Real Time Check

New 2.1 BYOD Capabilities BYOD Workcenter Pre-Canned BYOD Configurations - <10 Minutes to Stand Up BYOD: CA & Certificate Templates Client Provisioning Policies & NSPs PRE-LOADED Identity Source Sequence & Authorization Rules Support for ChromeBook

New 2.1 Guest Capabilities IdP-based Employee Login as Guest (BYOD, etc.) Support for any SAML 2.0 IdP Filtered Sponsor View (View Own Only) Finer Password Policy Web Proxy for SMS NIC Teaming for Portals From First Login

pxgrid Made it to the IETF Standards Track!

ISE 2.1 GUI Demo

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback