Cisco Identity Services Engine 1.0.4 Leaflet

© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. 
Securing Confidential Information 
Network access by mobile devices is often critical for productivity as individuals move within a facility. Yet 
protecting confidential assets is equally important. Take, for example, the need to grant executives access to 
confidential information only in the boardroom, or to deny access to healthcare professionals trying to access 
patient records while in the hospital cafeteria. Location-based network access allows you to give users access to 
certain files and data only while they're in the boardroom, the lab, or whatever the classified area may be. When 
an individual leaves the designated area, access to specific information is automatically denied, protecting 
corporate secrets and other confidential data. 
Components 
The location-based authorization enabled by the integration of the Cisco Mobility Services Engine (MSE) with Cisco ISE 
2.0 gives administrators more granular control and lets them make access authorization more sensitive to a user's 
location. MSE will also help administrators enforce location-based policies by periodically checking for 
location change and automatically reauthorizing the user if a location change is detected. Finally, ISE 2.0 with MSE 
streamlines the configuration of location-based policies. You can define user access policies using the same 
management tools already available through ISE. 
Main Features 
The integration of Cisco MSE with Cisco ISE 2.0: 
● Enables you to configure location hierarchy across all location entities 
● Applies MSE location attributes to access requests to be used in your authorization policy 
● Checks the MSE periodically (every 5 minutes) for location changes 
● Reauthorizes access or updates the policy based on the new location 
How It Works  
A network administrator defines the location hierarchy and grants users specific access rights to specific data 
based on their location (Figure 1). These rights can vary by room, floor, or building as needed.