Cisco Cisco Identity Services Engine 2.1 Anwendung
At-a-Glance
Apply a Consistent Network-wide Security Policy
Now the best-selling Cisco® Identity Services Engine (ISE) has been
integrated with the Check Point® Identity Awareness Software Blade
to give you more detailed visibility into users, groups, and machines,
combined with real-time, comprehensive identity and network privilege
context. The result? Better protection of your infrastructure and
resources moment to moment.
integrated with the Check Point® Identity Awareness Software Blade
to give you more detailed visibility into users, groups, and machines,
combined with real-time, comprehensive identity and network privilege
context. The result? Better protection of your infrastructure and
resources moment to moment.
Cisco ISE provides a wealth of user identity, endpoint device, and network
context information that is useful to many IT platforms for customers
around the globe. To bring greater insight to risky user activities on
the network, Cisco ISE uses Cisco Platform Exchange Grid (pxGrid)
technology to share identity, device, and network information. The IT
infrastructure can serve more use cases and operate more effectively
by becoming identity, device, and network aware. Cisco pxGrid is a
unified framework that supports multivendor, cross-platform network
system collaboration among IT infrastructures such as security monitoring
and detection systems, network policy platforms, identity and access
management platforms, and virtually any other IT operations platform.
context information that is useful to many IT platforms for customers
around the globe. To bring greater insight to risky user activities on
the network, Cisco ISE uses Cisco Platform Exchange Grid (pxGrid)
technology to share identity, device, and network information. The IT
infrastructure can serve more use cases and operate more effectively
by becoming identity, device, and network aware. Cisco pxGrid is a
unified framework that supports multivendor, cross-platform network
system collaboration among IT infrastructures such as security monitoring
and detection systems, network policy platforms, identity and access
management platforms, and virtually any other IT operations platform.
Cisco ISE and Check Point: Identity and Network-Aware Security and
Access Control
Cisco ISE
Cisco ISE + Check Point Identity Awareness Blade
Identity Aware Firewall and Access Control
Identity Context from ISE
pxGrid Context
Check Point
The Check Point Identity Awareness Software Blade provides detailed
visibility into users, groups, and machines. It provides application and
access control through the creation of identity-based firewall policies in
a Check Point deployment along with event monitoring and reporting.
Cisco ISE integrates with Check Point’s software blade to provide real-
time and comprehensive identity and network privilege context. That
includes user IP address, name, group, and Cisco TrustSec® security
group tag information.
visibility into users, groups, and machines. It provides application and
access control through the creation of identity-based firewall policies in
a Check Point deployment along with event monitoring and reporting.
Cisco ISE integrates with Check Point’s software blade to provide real-
time and comprehensive identity and network privilege context. That
includes user IP address, name, group, and Cisco TrustSec® security
group tag information.
Cisco Identity Services
Engine and Check
Point Integration
© 2015 Cisco and/or its affiliates. All rights reserved.
Benefits
• Enhance firewall and access
control policies and overall
security monitoring and
reporting through detailed
Check Point Identity
Awareness
• Enforce access and audit data
based on identity through the
firewall mapping of users and
machine identities
• Use Cisco ISE as the source
of data for security policies to
deliver real-time identity data
on a network-wide basis ― not
just for users and devices
known to Microsoft Active
Directory (AD) or Lightweight
Directory Access Protocol
(LDAP) ― for greater accuracy
and the ability to capture any
user or device authenticated to
the network
• Bring policy consistency
across the Cisco network
infrastructure by using Cisco
TrustSec tags with Check Point