Белая книга для Cisco Cisco Identity Services Engine 1.0.4
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 13
White Paper
Cisco pxGrid: Automate Multi-Platform
Communications through a Unified Architecture
Communications through a Unified Architecture
What You Will Learn
IT Environments are drowning in a deluge of network and security information, adding complexity to security
operations and deploying threat response. Traditional APIs are too limited, insecure and platform specific to
provides a practical solution. Cisco Platform Exchange Grid (pxGrid) provides a way for all of the diverse
multivendor platforms in the environment to exchange information securely, in a tightly controlled bi-directional
manner. This occurs automatically in real time, without relying on platform specific APIs.
This paper discusses:
●
The operational challenges customers face today when dealing with multiple security systems that don’t
communicate or interoperate
●
How Cisco Platform Exchange Grid (pxGrid) enables immediate, automated inter-system communications
●
The Cisco Platform Exchange Grid (pxGrid) architecture and operations
●
How developers can start integrating their platforms with pxGrid today to enable context exchange between
their platforms and Cisco security products, as well as well as with other pxGrid enabled development
partners
A Growing Security and Operational Challenge
To keep the IT environment secure and running smoothly, businesses already use a wide range of tools and
platforms, often from different vendors. These can include identity and access management (IAM) platforms, policy
platforms, security information and event management (SIEM) systems, threat defense systems, and many others.
All of these tools are critical to protect the business and safeguard their operations.
But they don’t talk to each
other, creating multiple “silos” of information and a huge operational challenge.
Swiveling from one tool to another adds a lot of complexity - and cost - to security operations effort. It also reduces
the overall effectiveness of IT security, because it can take a long time, and a great deal of manual effort, to get the
information needed from each of these tools to take the approp
riate security action or respond to a threat. That’s
time that businesses can’t afford when an advanced attack is seeking to burrow deeper into the environment or
exfiltrate sensitive data.
The traditional answer to this problem was to use platform APIs to help platforms share information. But in modern
IT environments, this approach doesn’t scale. APIs are historically specific, single-purpose integrations between
IT environments, this approach doesn’t scale. APIs are historically specific, single-purpose integrations between
one system and another. The number of platforms that need to share information today is just too large;
businesses can’t realistically implement single-purpose APIs linking every tool to every other tool.
businesses can’t realistically implement single-purpose APIs linking every tool to every other tool.