Cisco introduced new developments with security partners and information-sharing techniques under its Cisco Security Technology Partner Ecosystem. Enabled by a new context information-sharing framework called Platform Exchange Grid (pxGrid), this new ecosystem brings a “strength through integration” mindset to the fragmented and silo-prone network security landscape.
Cisco is providing partner IT systems with a unified context and control platform they can integrate in the form of its network wide policy management platform, Identity Services Engine. ISE delivers a unified, real-time source of control for identity and endpoint devices, policy context and network access across a customer’s network, expanding the intelligence the customer can use in concert with its IT infrastructure to discover, defend and remediate threats.
Cisco Security Ecosystem partners that integrate with ISE increase their efficiency of operations and accelerate the ability of their IT staff to resolve network issues. The ecosystem also extends to partner products the ability to reach into the Cisco network infrastructure to execute policy actions on users and devices — such as quarantine and blocking network access.
ISE is central to the Cisco Security Ecosystem because of its distinguishing ability to create partnership hooks in a variety of areas. It already is a focal platform for mobile device management partnerships, and Cisco is creating the Cisco Security Threat Defense Ecosystem — a new integration with leading SIEM (security information event management) and threat defense systems.
SIEM and threat defense partners include IBM, Lancope, LogRhythm, TIBCO LogLogic, Splunk and Symantec. Cisco plans additional ISE-centered security partner ecosystems in the future to further extend identity and device awareness throughout the IT infrastructure.
Like many other network systems, SIEM and threat defense systems often have limited insight to real-time user identity or endpoint device type in their security analyses. This is critical because these are among key attributes for effectively handling things like employees bringing their own mobile devices to work.
Through ISE, the Cisco Security Threat Defense Ecosystem integrates with SIEM and threat defense systems to create policies and analytics based not just on network patterns but also on type of device and class of user.
The Threat Defense Ecosystem also makes security more actionable, integrating SIEM and threat defense with a central policy point instead of being another silo. This provides consistent cross-platform user/device visibility and control — all from a single screen.
Furthermore, the Threat Defense Ecosystem gives Cisco leadership in securing unified wired and wireless networks, which the company calls Unified Access, an intelligent network platform that can enable connected experiences and operational efficiencies. Unified Access is the business foundation to support the bring-your-own-device (BYOD) trend, and the Internet of Everything (IoE).
Also today, Cisco announced it is making Platform Exchange Grid (pxGrid) available for early adoption by ISE integration partners. Designed for cross-vendor adoption, ISE is the first platform to adopt pxGrid at Cisco, enabling it to share its context as well as consume context from ecosystem partners for use in network policy.
An innovative approach, the pxGrid platform-independent framework enables customizable, many-to-many sharing between any third-party platforms that adopt pxGrid. Cisco will pursue standardization of pxGrid via relevant industry standards organizations in 2014.
Dave Frampton, vice president and general manager, Cisco Secure Access and Mobility Product Group, comments: “Until now, SIEM/threat defense systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem they can use ISE network telemetry to correlate user, device and policy context with their traditional threat defense data sets. In addition to identifying new categories of possible threats on the network, they can now also target suspicious mobile devices and start creating device- or user- or group-specific analytics for additional scrutiny. By incorporating unique real time network and device context from ISE, they now have a single source of truth all from one screen. This consolidation helps them sort through suspicious events faster and take focused remediation action versus having to literally look at five different screens and manually connect the dots.”