Cisco: Cisco Identity Services Engine ( ISE )

Get a security policy management platform that automates and enforces secure access to network resources. Cisco Identity Services Engine (ISE) delivers superior user and device visibility to support enterprise mobility experiences. It shares contextual data with integrated partner solutions to accelerate their capabilities to identify, mitigate, and remediate threats. Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company’s routers and switches.

Cisco ISE helps IT professionals conquer enterprise mobility challenges and secure the evolving network across the attack continuum. ISE provides you with several capabilities, some of which are listed below.

1.  Centralize and unify network access policy management to provide consistent, secure access to end users, whether they connect to your network over a wired, wireless, or VPN connection.

2.  Gain greater visibility and more accurate device identification. ISE's superior device profiling and zero-day device profile feed service provides updated profiles for the latest devices. Combined, these two features help reduce the number of unknown endpoints (and potential threats) on your network.

3.  Implement logical network segmentation based on business rules by taking full advantage of Cisco TrustSec technology. Use it to create role-based access policy to dynamically segment access without the complexity of multiple VLANs, replicating complicated access control lists across your network, or completely changing network architecture.

4.  Simplify guest experiences for easier guest onboarding and administration. Use ISE’s easily-customizable, branded mobile and desktop guest portals to create access in just minutes. ISE’s dynamic visual workflows let you fully manage every aspect of guest access.

5.  Streamline BYOD and enterprise mobility with easy, out-of-the-box setup for self-service device onboarding and management. ISE includes an internal certificate authority, multi-forest Active Directory support, and integrated enterprise mobility management (EMM) partner software.

With support for 250,000 active, concurrent endpoints (and up to 1,000,000 registered devices), ISE allows enterprises to accelerate mobility projects across the extended network.

6.  Share deep contextual data with third-party ecosystem partner solutions through Cisco Platform Exchange Grid (pxGrid), included within ISE. Contextual data improve the efficacy of partner solutions and accelerate their abilities to identify, mitigate, and remediate network threats.

For example, with ISE, integrated partner solutions can more rapidly remediate threats and streamline network forensics and endpoint vulnerability remediation. They can also provide adaptive single sign-on to identity-federated devices, and even extend secure access to SCADA/control networks - all based on context and identity received from Cisco ISE.


Reference:
Cisco Identity Services Engine
http://www.cisco.com/c/en/us/products/security/identity-services-engine/index.html