With Gaurav Sharma Software Engineer 2011 Cisco andor

  • Slides: 8
Download presentation
With, Gaurav Sharma Software Engineer © 2011 Cisco and/or its affiliates. All rights reserved.

With, Gaurav Sharma Software Engineer © 2011 Cisco and/or its affiliates. All rights reserved. 1

Anyone The RIGHT Person Borderless Networks Any Device An approved Device Anywhere In The

Anyone The RIGHT Person Borderless Networks Any Device An approved Device Anywhere In The Right Way Anytime © 2011 Cisco and/or its affiliates. All rights reserved. 2

Consolidated policy solution that will eventually replace the NAC / ACS products and will

Consolidated policy solution that will eventually replace the NAC / ACS products and will provide more features like MDM, BYOD and Trustsec. © 2011 Cisco and/or its affiliates. All rights reserved. 3

Consolidated Services, Software Packages NAC Manager NAC Server ACS NAC Profiler Session Directory User

Consolidated Services, Software Packages NAC Manager NAC Server ACS NAC Profiler Session Directory User ID Access Rights All-in-One HA Pair ISE NAC Guest Flexible Service Deployment Location Device (& IP/MAC) Admin Console M&T Distributed PDPs Simplify Deployment & Admin Tracks Active Users & Devices Optimize Where Services Run Policy Extensibility Manage Security Group Access System-wide Monitoring & Troubleshooting Link in Policy Information Points © 2011 Cisco and/or its affiliates. All rights reserved. SGT Public Private Staff Permit Guest Permit Deny Keep Existing Logical Design Consolidate Data, Three-Click Drill-In 4

 • PIP – Policy Information Point • PAP – Policy Administration Point Interface

• PIP – Policy Information Point • PAP – Policy Administration Point Interface to configure policies • PDP – Policy Decision Point • PEP – Policy Enforcement Point • © 2011 Cisco and/or its affiliates. All rights reserved. Interface to retrieve policy or policy information Engine that makes policy decisions Interface that queries PDP and enforces policy M&T – Monitoring and Troubleshooting Interface for logging and report data 5

M&T Logging View Logs/ Reports PAP Subject © 2011 Cisco and/or its affiliates. All

M&T Logging View Logs/ Reports PAP Subject © 2011 Cisco and/or its affiliates. All rights reserved. View/ Configure Policies Access Request PDP Request/ Response Context Query Attributes PIP Logging PEP Resource Access Resource 6

Advanced Base “What do I allow on my network? ” “Are my networked endpoints

Advanced Base “What do I allow on my network? ” “Are my networked endpoints secure? ” Broad Access Guests Cisco Security Intelligence Ops Internet Device profiles Health profiles Infection detection Quarantine ? Device Features • • • 802. 1 X User & device ID verification & authz Guest management Endpoint inventory ID reporting Agent mgmt Session directory © 2011 Cisco and/or its affiliates. All rights reserved. Features • • • Profiling Health compliance & remediation Infection detection & cleanup Device classification & anti-spoof Security group access 7

Thank you.

Thank you.