ISE Overview
Cisco’s Identity Services Engine (ISE) is a network security solution that provides identity-based security and policy enforcement for access control on wired, wireless, and remote access network devices. ISE is a centralized authentication, authorization and accounting platform that integrates network access control (NAC), posture assessment, and identity management to ensure that only authorized users and devices are granted access to the network and that they meet security requirements and need, before accessing network resources.
THE KEY BENEFITS OF CISCO ISE INCLUDE:
- Context-aware policy enforcement: ISE provides context-aware policy enforcement based on user identity, device type, location, and other attributes. This allows organizations to define and enforce access policies that meet their security requirements.
- Posture assessment: ISE performs posture assessments to determine if a device is compliant with security policies before granting network access, ensuring that only secure devices are allowed on the network.
- Integration with other security solutions: ISE integrates with other security solutions, such as firewalls, intrusion prevention systems (IPS), VPNs, and wireless controllers to provide a centralize, unified security infrastructure. This allows organizations to enforce consistent security policies across the entire network while also providing deeper visibility into network activity and the ability to effectively respond to security threats.
- Role-based access control: ISE supports role-based access control, allowing organizations to define and enforce access policies based on specific user roles and responsibilities.
- Centralized management: ISE provides centralized management and reporting, enabling organizations to manage their network security policies from a single console, reducing administrative overhead and complexity, while increasing efficiency and reducing human error.
ISE Assessment Details
Cisco ISE can be a complex technology that provides many advanced features. However, many organizations do not utilize the full potential of ISE to secure their network due to issues such as resource constraint, lack of expertise, or cross-departmental challenges. CyKor’s Technical Solution Architects have vast experience in designing ISE solutions, implementing greenfield deployments, and optimizing existing ISE deployments.
The CyKor ISE Health Check Assessment will follow our outlined process to help in understanding your organization’s long-term goals with the solution, any potential gaps in the current deployment, performance enhancements and logical next steps for optimizing your deployment.
Our Process:
Interview organizational stakeholders of the NAC solution. This will be to understand organizational challenges, compliance requirements, scope of the deployment, desired security policy, desired end user experience.
Review:
- ISE system setup and server health
- Integration with wireless, wired, and VPN networks
- Integrations with third party systems, directory services, MDM, and PKI
- Security policy setup and configurations
- Advanced features such as Guest Flow, Posture, Profiling, and TrustSec
Deliverables
Detailed Assessment Report identifying the results to include:
- Overview of organizational requirements and goals for an enhanced NAC solution
- Document all findings of the existing ISE system configurations with comparisons to Cisco Best Practices
- Provide a gap analysis of the deployed security policy vs. the company desired policy
- Recommended next steps on suggested modifications to optimize ISE system configurations and policies based on our findings
IS YOUR NETWORK READY?
Our FREE assessment will review your system setup, server health, integrations, configurations, and more to deliver a report, findings, optimization suggestions, and next steps for deploying your ISE solution.
