Cisco Cisco Identity Services Engine Software 信息指南
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 2 of 3
“Mobility has gone in a very short time from a minimal technology used for consuming information—in many cases
relying on manual processes
—to a much more electronic capability,” Bennington says. “This means that we need
better, more granular security and controls for our digital networks.”
Cisco ISE is a centralized security solution that automates context-aware access to network resources. It achieves
this by collecting data about the network, the type of device, partner or user identity, and location, and analyzing
the sum total to make an informed access decision. Integrated with the city’s AirWatch security program, ISE is
the sum total to make an informed access decision. Integrated with the city’s AirWatch security program, ISE is
designed to provide:
●
Differentiation of service based on user identity
●
Securing of the wireless network with Extensible Authentication Protocol (EAP) methods for authentication
●
Web-based authentication for guest users
●
Sponsor access to create guest accounts
●
Profiling and posture capabilities
Onsite work was done by two certified Cisco Gold Partners. These included Data#3, a Brisbane-based company
serving Australia and the Asia-Pacific region, which provided initial planning, product, and deployment services to
Stirling. Partner DimensionData is a global firm, which served as the systems integrator for the Wi-Fi network
security implementation.
“One of the advantages of working with Cisco is its impressive ecosystem of partners, and we had a great partner
experience,” says Matt Younger, the city’s ICT Infrastructure & Network Architect. “These teams were with us the
whole way, from design to implementation.” Cisco also supported the project from the United States, including
experience,” says Matt Younger, the city’s ICT Infrastructure & Network Architect. “These teams were with us the
whole way, from design to implementation.” Cisco also supported the project from the United States, including
creating an early software
update to resolve an integration issue. “You always expect to run into some problems on
a large deployment,” Younger added. “It comes down to how quickly they can be resolved. We were very happy
with the personalized support we got from Cisco.”
with the personalized support we got from Cisco.”
Business Results: Achieving Invisibility
“The goal of our Cisco ISE implementation was to have no one realize that we had done it,” Bennington says, “and
we absolutely achieved that.”
we absolutely achieved that.”
As well as meeting goals of availability, reliability, and performance, Stirling had set the expectation that its new
security solution would literally not be noticeable to its users. “We knew we had it right when we asked workers
how they liked the new identity management system, and they responded, ‘What are you talking about?’”
security solution would literally not be noticeable to its users. “We knew we had it right when we asked workers
how they liked the new identity management system, and they responded, ‘What are you talking about?’”
Bennington says.
City employees and citizen users no longer receive demands for multiple logins, even from field locations; nor do
they go through a complex, multistage sign-in process, even with VPN. Previously, users had to log on
continuously throughout the day, and IT heard many complaints about midsession interruptions. Today, Cisco ISE
identifies users, knows who they are, where they work, and what they should have access to
—all transparently to
“We wanted one centralized solution for identity management. It needed
to be a simplified approach that would integrate with our other strategies
on both our public and private networks.
to be a simplified approach that would integrate with our other strategies
on both our public and private networks.
”
— Peter Bennington, Chief Technology Officer, City of Stirling, Western Australia