As promised, in this entry to our ISE blog series we are going to begin our adventure into Cisco TrustSec, or CTS for short. When I am approaching a new technology, I find it helpful to not only understand what it is, but also why it exists. So, in this post, we’re going to attempt to cover just that; what is Cisco TrustSec and why do I care?
In our previous entries to this series, we’ve deployed ISE, integrated it with Microsoft AD, and configured the ISE server-side certificates. All of that being completed, we are now ready to configure our Policy Set for 802.1X and test it out.
This week is week 3 of National Cybersecurity Awareness Month (NCSAM). Each week of NCSAM is focused around a different theme meant to address specific challenges organizations face and identify how to address those challenges. Week 3 is focused around educating employees of the importance of online security and safety and their role in keeping your organization safe from online threats.
What if you could see into the future and knew when an attack on your network was coming and were able to stop it, or at least mitigate its impact?
So, you have invested in the latest generation of security appliances with their application aware policy capabilities, integrated IDS/IPS and URL filtering. All your endpoint devices have been deployed with the newest Advanced Malware Protection agents using the latest machine learning technology. You subscribe to the CVE feed and have a well-defined procedure to patch your entire environment at the first hint of a zero-day exploit. System and policy changes are required to go through rigorous change control, and if that’s not enough all your employees have been subjected to intensive information security training. One might think it’s time to relax put your feet up and grab yourself a nice cup of tea or favorite adult beverage.
As threats become more sophisticated, organizations are responding by introducing layers of security that go beyond just securing your internet edge and deploying anti-virus on the desktops. A big challenge with this approach is managing the often disparate systems that make up these layers. Cisco has made huge strides to correct this with their software releases this year, but in reality, it still requires a trained team to monitor and manage these solutions. Leaner IT teams are desperately looking for an easy to manage tool with nice reporting that catches the vast majority of issues. After deploying and managing Cisco Umbrella (formerly OpenDNS) for customers and for LookingPoint internally, I really believe this is the tool that will get the most use and provide the highest overall value for your security dollar.
Network security is often delegated to singular devices within the network. For instance, you might allow unfettered access for all endpoints within the core of your corporate network and enforce the access policy at the edge firewall. For your wireless users, you might choose to enforce a singular policy for all users allowing every wireless user access to HTTP, HTTPS, SSH, and Telnet and implementing this policy at the access point (autonomous mode) or at the Wireless LAN Controller (lightweight mode). This “one-size-fits-all” approach is not the ideal way to implement network security.
Fireside Chats are a LookingPoint video series where we bring casual technology conversations to you! In this chat we are discussing a topic that many of our customers are talking about this year: Security and Network Visibility. Sit back, relax, and enjoy another fireside chat.
Subscribe to the informative Newsletter to be Notified Updates in the Technology world.