Done shopping? You can create a PDF of your cart for later or for your purchasing dept! Details at checkout.
- Powerful device classification
The solution offers the industry's first integrated device profiler to identify each endpoint; match it to its user or function and other attributes, including time, location, and network; and create a contextual identity so IT administrators can apply precise controls over who and what is allowed on the network. An automated device feed service updates Cisco ISE in real time to help ensure that new devices can be identified as soon as they are released to the market.
- Extensive policy enforcement
Organizations can define access policy rules easily and with great flexibility to meet their ever-changing business needs. For example, IT administrators can define a policy that differentiates guest users and devices from registered users and devices. Guest users may receive limited access across the entire network, while registered users receive their policy-designated access. Further, policies can help ensure that only trusted or compliant devices from registered users can access the network. Based on the user's or device's contextual identity, rules for highly secure access are sent to the network point of entry, so the IT administrators are assured of consistent policy enforcement from wherever the user or device is trying to access the network.
- Streamlined guest experiences
With out-of-the-box simplicity for guest administration and onboarding, administrators can customize guest portals in minutes. Dynamic visual tools offer real-time previews of the portal screens and the steps that a guest will experience in order to demonstrate exactly how changes to settings will affect users. You gain full customization of guest pages (including advertisements, banners, themes, and branding), full management of guest accounts and expirations, and complete auditing of guest accounts and activity across your network. Supporting every type of guest workflow from hotspot to employee-sponsored guest access with SMS confirmation, the solution makes guest access easy.
- Self-service device onboarding
IT staff can decide how to implement an enterprise's bring-your-own-device (BYOD) or guest policies. With a self-service registration portal, users can register and provision new devices according to the business policies defined by the IT administrators. This permits the IT staff to get the automated device provisioning, profiling, and posturing it needs to comply with security policies while employees can get their devices onto the network without requiring IT assistance.
- Security compliance
A single management console simplifies policy creation, visibility, and reporting across all company networks, which makes it easy to validate compliance for audits, regulatory requirements, and mandated federal guidelines for IEEE 802.1X standards.
- Automated device-compliance checks
Cisco ISE delivers device posture check and remediation options using the Cisco AnyConnect 4.0 Unified Agent, which also provides advanced VPN services for desktop and laptop checks. The solution also provides integrations with market-leading enterprise mobility management (EMM) solutions for mobile devices. This capability helps to ensure that a user's device is both secure and policy-compliant.
- Dependable anywhere access
The Identity Services Engine provisions policy on the network access device in real time, so mobile or remote users can get the same consistent access to their services from wired and wireless connections.
- Operational efficiency
Onboarding and security automation, central policy control, visibility, troubleshooting, and integration with Cisco Prime solutions helps ensure that IT staff and the help desk will spend far less time on user and network security fixes.
- Embedded enforcement
Device-sensing capabilities are built into most Cisco switches and wireless controllers to extend profiling network wide at the point of entry and without the costs and management of overlay appliances or infrastructure replacement.
- Extension of policy into the data center
The Identity Services Engine is the policy controller for the unique Cisco TrustSec network technology, which provides software-defined network segmentation to take the complexity out of network security. Customers can logically and dynamically segment their network based on business rules using role-based access policy instead of managing multiple VLANs or changing network architecture, thereby simplifying highly secure access across an ever-changing expanded network.
- Multivendor-infrastructure support
The solution interoperates with a multivendor infrastructure (for example, switches and wireless access points) that is compliant with RADIUS and IEEE 802.1X standards. Cisco and its partners offer best-practice guidelines as well as detailed, hands-on design guidance. Enterprise customers use the Identity Services Engine with a network infrastructure designed by Cisco along with Cisco TrustSec technology to get even greater intelligence and enhanced visibility out of their networks.
- pxGrid context sharing
The solution collects dynamic contextual data from throughout the network and uses pxGrid technology, a robust context-sharing platform, to share that deeper level of contextual data about connected users and devices with external and internal ecosystem partner solutions. Through the use of a single API, the solution's network and security partners use this data in order to improve their own network access capabilities and accelerate their own solutions' capabilities to identify, mitigate, and remediate network threats.
As the modern network expands, the complexity of marshaling resources, managing disparate security solutions, and controlling risk grows as well. Factor in the ubiquitous connectivity of IoE with already constrained IT resources, and the potential impact of failing to identify and remediate security threats becomes very large indeed.
A different approach is required for both the management and the security of the evolving mobile enterprise. Enter the Cisco Identity Services Engine. With its superior user and device visibility, Cisco ISE delivers simplified enterprise mobility experiences, and it shares vital contextual data with integrated ecosystem partner solutions using Cisco Platform Exchange Grid (pxGrid) technology to accelerate the identification, mitigation, and remediation of threats.