Руководство По Настройке для Cisco Cisco Identity Services Engine 1.4
At-a-Glance
Audit OSs, Endpoints, and Apps for Threats
Network environments have become increasingly complex with the
multitude of devices that are constantly being given access. This new
network complexity has highlighted management issues related to
security such as the limited analysis capabilities of traditional solutions,
and the inability of many solutions to comply with industry security
requirements. It was once sufficient to analyze network vulnerabilities
using broad identifiers such as an IP address. However, the increase in
mobile traffic and devices, bring-your-own-device (BYOD) initiatives,
software as a service (SaaS), and virtualization have contributed to
the need for deeper network security visibility and more fine-grained
analysis. Vulnerability assessment tools enable the audit of operating
systems, servers, network devices, databases, and web applications for
known or potential vulnerability threats.
multitude of devices that are constantly being given access. This new
network complexity has highlighted management issues related to
security such as the limited analysis capabilities of traditional solutions,
and the inability of many solutions to comply with industry security
requirements. It was once sufficient to analyze network vulnerabilities
using broad identifiers such as an IP address. However, the increase in
mobile traffic and devices, bring-your-own-device (BYOD) initiatives,
software as a service (SaaS), and virtualization have contributed to
the need for deeper network security visibility and more fine-grained
analysis. Vulnerability assessment tools enable the audit of operating
systems, servers, network devices, databases, and web applications for
known or potential vulnerability threats.
Cisco® Identity Services Engine (ISE) shares accurate contextual data,
such as user identity, user privilege levels, endpoint device type, and
endpoint security posture through the engine’s Cisco Platform Exchange
Grid (pxGrid) technology, with vulnerability assessment platforms.
Together, they deliver in-depth network vulnerability visibility along with
relevant identity and device context. The integration of these leading-
edge security solutions gives security analysts the ability to assess the
significance of a vulnerability event by correlating the context of the
event within a vulnerability management platform console. This creates
a detailed picture of the risks each vulnerability represents and the
ability to take immediate action on the most egregious ones.
such as user identity, user privilege levels, endpoint device type, and
endpoint security posture through the engine’s Cisco Platform Exchange
Grid (pxGrid) technology, with vulnerability assessment platforms.
Together, they deliver in-depth network vulnerability visibility along with
relevant identity and device context. The integration of these leading-
edge security solutions gives security analysts the ability to assess the
significance of a vulnerability event by correlating the context of the
event within a vulnerability management platform console. This creates
a detailed picture of the risks each vulnerability represents and the
ability to take immediate action on the most egregious ones.
How Cisco Identity Services Engine Integration with
Vulnerability Assessment Platforms Works
• Cisco ISE provides user identity and device/contextual information to
vulnerability assessment platforms.
• Cisco ISE contextual data is used to generate a complete view of
vulnerability event, identity, and device data. The information is used
to rate the severity of vulnerabilities, which then allows vulnerability
events and responses to be prioritized.
to rate the severity of vulnerabilities, which then allows vulnerability
events and responses to be prioritized.
Benefits
• Increase the accuracy and
effectiveness of vulnerability
assessment platforms.
• Decrease response time and
complexity when responding
to vulnerability events.
• Enhance security analysis
through deeper visibility into
network vulnerabilities.
© 2015 Cisco and/or its affiliates. All rights reserved.
Cisco Identity Services
Engine Integration
with Vulnerability
Assessment Platforms