With modern society’s reliance on connectivity for both work and leisure, offering network access to different groups of people without compromising security has become complicated. In any business, employees need to access various types of data and information in order to fulfill their tasks properly. However, the standard ways with which a business controls data security and network access are often cumbersome, expensive, and require a lot of skilled manpower. Cisco Identity Services Engine is the answer.
The Cisco Identity Services Engine (ISE) is a policy engine that provides secure network access for business enterprises. Marketed as a ‘next-generation secure network access’, Cisco ISE uses contextual information to determine if an access request can be approved. ISE verifies who the user is, the time and location of the request, as well the access method and the type of device used. Once the engine ascertains that the request is legitimate, only then can the user gain access to the network.
Cisco ISE works across both wired and wireless networks, including mobile connectivity. A case study commissioned by Cisco Systems and conducted by Forrester Consulting showed that the ISE provided excellent benefits for the four customers studied, across four use case scenarios:
- Bring-your-own-device (BYOD) and choose-your-own-device (CYOD)
- Guest wireless access services
Why Cisco ISE?
Identity Services Engine (ISE) reduces the complexity inherent in managing and securing the evolving enterprise network. Cisco ISE is recognized as one of the industry’s leading integrated and open platforms that helps provide comprehensive visibility of all users, devices, and applications that are on the network, as well as technology integration, automation, and granular policy control.
Benefits of using Cisco ISE
Cisco ISE makes it easy for enterprises to manage their access infrastructure with its simple controls. These controls work with other Cisco network gear for easy enforcement of security policies. This results in both time and cost savings for businesses in terms of managing IT and security-related systems.
Among the benefits outlined in the study included reduced operating costs – businesses can save more than US$800,000 annually by reducing costs for guest wireless access services, BYOD support, help desk costs and data security.
Features of Cisco ISE
Cisco ISE provides identity-based network access, allowing the system to determine whether the users on the network are authorised and policy-compliant. ISE then grants approved users limited access to the network, according to their particular user role. For example, a sales employee will only have access to data that is relevant to their responsibilities as a sales agent; managers will have wider access due to their job description.
In addition, authorised guests on the network will have timed access using temporary login accounts. ISE features support for personal devices as well, so employees may also use their own devices on the network securely.
Profiled endpoints on the network allow the enterprise to keep track of all endpoints, or ‘identities’, on the network. Called the Cisco ISE Profiler function, it makes viewing and organising all network identities easier. The Profiler service collects these pieces of data and passes them to the Profiler analyser to be classified and grouped according to their respective policies.
ISE simplifies access services for its customers, providing a straightforward process for profiling, authenticating and enforcing security policies. This strengthens a business’ cybersecurity posture and provides greater security against external threats. With Cisco ISE, potential data breaches from vulnerable guest accounts, outdated software and virus settings, and unencrypted BYOD devices can be avoided.
Because Cisco ISE makes identification of all endpoints and authentication very easy from an operations standpoint, the network’s security is enhanced. With Cisco ISE, businesses will find incredible support toward ensuring that their enterprise network remains secure.
Stealthwatch + ISE = Visibility and Control
When integrated, Cisco Stealthwatch and ISE deliver unmatched network visibility and control for thwarting advanced attacks.