Руководство По Настройке для Cisco Cisco Identity Services Engine 1.1
At-a-Glance
Stop Threats Before They Stop You
Cisco® Rapid Threat Containment makes it easy to get fast answers
about threats on your network and to stop them even faster. It uses
an open integration of Cisco security products, technologies from
Cisco partners, and the extensive network control of the Cisco Identity
Services Engine (ISE).
about threats on your network and to stop them even faster. It uses
an open integration of Cisco security products, technologies from
Cisco partners, and the extensive network control of the Cisco Identity
Services Engine (ISE).
In addition, you can protect critical data quickly through the Threat-
Centric NAC feature of Rapid Threat Containment. With this advanced
network access control technology you can manually or automatically
change your users’ access privileges when their threat or vulnerability
scores go up. Devices that are suspected of being infected can be
denied access to critical data while their users can keep working on less
critical applications.
Centric NAC feature of Rapid Threat Containment. With this advanced
network access control technology you can manually or automatically
change your users’ access privileges when their threat or vulnerability
scores go up. Devices that are suspected of being infected can be
denied access to critical data while their users can keep working on less
critical applications.
With Rapid Threat Containment you can turn your security intelligence
and response technologies into an integrated operation to see and stop
threats wherever and whenever they occur in your network.
and response technologies into an integrated operation to see and stop
threats wherever and whenever they occur in your network.
Rapid Threat Containment in Action
1. Get Answers Faster
Use Cisco pxGrid partner
technologies to find threats
faster
2. Stop Attacks Faster
Use the networks to contain
attacks manually or
automatically
3. Protect Critical Data Faster
Dynamically restrict access
permissions or remove a
device as its threat score
worsens
*
ISE
pxGrid
X
Security Intelligence
Network as an Enforcer
Network
~5 Seconds
Automatic or initiated by IT admin
Threat
Router Wireless DC FW DC Switch
Switch
StealthWatch
Custom
Detection
SEM
Firepower
Firewall
Note: In this figure, the network comprises switches, routers, wireless
controllers, data center firewalls, and data center switches.
© 2016 Cisco and/or its affiliates. All rights reserved.
Cisco Rapid Threat
Containment
Benefits
• Get answers faster: You can
organize all relevant threat
information on one analysis
platform instead of having to
conduct lengthy investigations,
traversing from system to
system. It’s easier to see
and understand threats and
vulnerabilities on a single Cisco
or technology partner product.
• Stop attacks faster: When
you’ve recognized a threat, you
can take immediate action to
stop it by directing ISE to contain
the device from your analysis
platform. You can also automate
responses so you don’t have to
spend time on threats that are
clearly identified.