With Gaurav Sharma Software Engineer 2011 Cisco andor
- Slides: 8
With, Gaurav Sharma Software Engineer © 2011 Cisco and/or its affiliates. All rights reserved. 1
Anyone The RIGHT Person Borderless Networks Any Device An approved Device Anywhere In The Right Way Anytime © 2011 Cisco and/or its affiliates. All rights reserved. 2
Consolidated policy solution that will eventually replace the NAC / ACS products and will provide more features like MDM, BYOD and Trustsec. © 2011 Cisco and/or its affiliates. All rights reserved. 3
Consolidated Services, Software Packages NAC Manager NAC Server ACS NAC Profiler Session Directory User ID Access Rights All-in-One HA Pair ISE NAC Guest Flexible Service Deployment Location Device (& IP/MAC) Admin Console M&T Distributed PDPs Simplify Deployment & Admin Tracks Active Users & Devices Optimize Where Services Run Policy Extensibility Manage Security Group Access System-wide Monitoring & Troubleshooting Link in Policy Information Points © 2011 Cisco and/or its affiliates. All rights reserved. SGT Public Private Staff Permit Guest Permit Deny Keep Existing Logical Design Consolidate Data, Three-Click Drill-In 4
• PIP – Policy Information Point • PAP – Policy Administration Point Interface to configure policies • PDP – Policy Decision Point • PEP – Policy Enforcement Point • © 2011 Cisco and/or its affiliates. All rights reserved. Interface to retrieve policy or policy information Engine that makes policy decisions Interface that queries PDP and enforces policy M&T – Monitoring and Troubleshooting Interface for logging and report data 5
M&T Logging View Logs/ Reports PAP Subject © 2011 Cisco and/or its affiliates. All rights reserved. View/ Configure Policies Access Request PDP Request/ Response Context Query Attributes PIP Logging PEP Resource Access Resource 6
Advanced Base “What do I allow on my network? ” “Are my networked endpoints secure? ” Broad Access Guests Cisco Security Intelligence Ops Internet Device profiles Health profiles Infection detection Quarantine ? Device Features • • • 802. 1 X User & device ID verification & authz Guest management Endpoint inventory ID reporting Agent mgmt Session directory © 2011 Cisco and/or its affiliates. All rights reserved. Features • • • Profiling Health compliance & remediation Infection detection & cleanup Device classification & anti-spoof Security group access 7
Thank you.