Cisco pxGrid Aims To Improve Network Security

Cisco Systems officials are using the company’s Identity Services Engine as a cornerstone of an effort to enable third parties to develop applications to enhance security and context awareness in data centre networks.

The networking giant is creating a framework called the Platform Exchange Grid (pxGrid), through which developers can create security applications for the Identity Services Engine (ISE).

New capabilities

These applications will bring new capabilities to the ISE that will enable the sharing of information about devices on a Cisco network – such as the type of device and how it is accessing the network – and the creation of policies for how to manage and secure these devices.

The pxGrid will enable Cisco’s Security Technology Partner Ecosystem, which is targeted at improving network security by leveraging third-party capabilities in ISE to create greater identity and device context and a unified point of network policy.

It’s a way of ensuring that all points along the network have the necessary data to identify and manage the devices in the network, and to develop remediation policies in case a threat arises, and to use ISE as the foundation of the effort.

Cisco’s ISE is designed to give organisations greater control and information regarding the devices connecting into the network, and to develop security policies around that data. Such capabilities are increasingly important at a time when employees, through bring–your-own-device (BYOD) efforts, are using smartphones, tablets, notebooks and other systems to access the network, and when the Internet of Things promises more network connections not only from people but also from machines and sensors.

“Until now, SIEM [security information and event management] threat defense systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem they can use ISE network telemetry to correlate user, device and policy context with their traditional threat defense data sets,” Dave Frampton, vice president and general manager of Cisco’s Secure Access and Mobility Product Group, said in a statement. “In addition to identifying new categories of possible threats on the network, they can now also target suspicious mobile devices and start creating device- or user- or group-specific analytics for additional scrutiny.”

Single source

ISE becomes a “single source of truth all from one screen”, making it easier for organisations to assess threats and take actions rather than having to scan through a variety of screens and having to figure out what’s going on, Frampton said.

Vendors within the Cisco Security Partner Ecosystem can integrate their applications with ISE to make it easier for IT administrators to identify and resolve network issues, and enables partners to develop products that can reach into Cisco-based networks to create and enforce policies on users and devices, such as quarantine and blocking network access, according to Cisco officials.

Cisco already has brought together a number of partners around SIEM and threat defense, including IBM, Tibco LogLogic, Symantec, Lancope, Splunk and LogRythm, part of what the vendor calls its Secuirty Threat Defense Ecosystem.

Cisco is planning to create additional ISE-centred security partner ecosystems in the future. The aim to create greater insight into such data as user identities and device types, which is key when analysing security threats.

“There is great operational value in at least getting the IT infrastructure aware of ‘who, what, where and how’ so these platforms can operate from a common set of accurate, consistent and real-time data about the users and endpoint devices on the network,” Scott Pope, senior manager in Cisco’s Identity and Policy Management Ecosystem, wrote in a 13 June post on the Cisco blog. “Most IT platforms lack this identity and device awareness, leaving them disadvantaged in a number of ways, the most obvious of which today is the ability to construct (and enforce) sound mobility and BYOD policies.”

Cisco officials said pxGrid is available for early adoption by ISE integration partners, and that ISE is only the first platform at the company to adopt pxGrid. In addition, the networking vendor will look to standardise pxGrid by bringing it to industry standards organisations beginning in 2014.

They will talk about pxGrid at the Cisco Live 2013 show, which begins the week of 23 June in Orlando, Florida.

Are you a security pro? Try our quiz!

Originally published on eWeek.