Users & Access Security – DCS Website
 
 
 
 
 

  NAC (Network Access Control)

 
 
Cisco Identity Services Engine (ISE)
A security policy management platform that provides secure network access to end users and devices. Cisco ISE enables the creation and enforcement of security and access policies for endpoint devices that are connected to an organization’s routers, switches and wireless. It is designed to help organizations simplify identity management across devices and applications.Cisco Identity Services Engine helps enterprises understand and gain visibility into their network, giving them the ability to see who is connected as well as which applications are installed and running. The product can help with zero-trust strategies by securing the network and everyone and every endpoint connected to it. ISE can also share data like user and device identities as well as threats and vulnerabilities with other integrated Cisco tools to further streamline security policy management.Cisco Identity Services Engine (ISE) provides a range of network access control (NAC) capabilities from guest access to security response depending upon the licenses and appliances purchased. ISE is intended for use with guest and employee endpoints, but Cisco also offers separate and specialized NAC solutions for equipment (internet of things (IoT), operational technology (OT), and industrial controls), for medical devices, and specifically for rapid threat containment.With an increased number of users and devices accessing networks remotely, protecting an organization’s data from network security breaches becomes more complex. Administrators can use Cisco Identity Services Engine to control who has access to their network and ensure authorized policy-compliant devices are being used. IT administrators can use ISE for policy enforcement, visibility, granting guest access to the network, threat containment, tool integrations, device administration and bring-your-own-device (BYOD) management. Cisco ISE can authenticate wired, wireless and virtual private network (VPN) users. Authorized and unauthorized users are logged so administrators can view who and which devices are connected to their network at any time.
Forescout eyeExtend
Automate Security Workflows Across Disparate Products : Share device context between the Forescout Platform and other IT and security products, automate policy enforcement across disparate tools and accelerate system-wide response to mitigate risks.
Forescout eyeControl
Flexible and frictionless network access control for heterogeneous enterprise networks. It enforces and automates Zero Trust security policies for least-privilege access on all managed and unmanaged assets across your digital terrain. Policy-based controls can continuously enforce asset compliance, proactively reduce your attack surface, and rapidly respond to incidents.
Secure Network Access

  • Enforce network access based on user, device identity and security posture
  • Deploy with or without 802.1X in heterogeneous networks
    Enforce Asset Compliance
  • Automate compliance with security policies, industry standards and government regulations
  • Initiate remediation and risk mitigation workflows in real-time
  • Automate Incident Response
  • Automate response to security incidents
  • Contain threats to minimize propagation and disruption
Forescout eyeSegment
Forescout eyeSegment removes the complexity of designing, planning and deploying dynamic segmentation across your digital terrain. Shrink the attack surface, limit the blast radius and mitigate regulatory and business risk by rapidly accelerating your segmentation projects. A core component of Forescout Continuum Platform, eyeSegment enables organizations to embrace zero trust security principles and automate cybersecurity actions across their digital terrain.
Forscout eyeInspect
In-depth device visibility for OT/ICS networks and enables effective, real-time management of operational and cyber risks.

  • Fully understanding the cyber-resiliency of your OT network with an Asset Risk Framework
  • Gain complete device visibility through deep packet inspection of more than 270 industrial network protocols and baseline assets

Defend your network with thousands of OT-specific threat indicators and powerful anomaly detection

Forescout eyeSight
Forescout eyeSight delivers unparalleled insight into every connected asset through deep integration into your network fabric.

  • Discover your entire asset inventory with over 30 active and passive techniques that reveal coverage gaps across your digital terrain, providing a real-time view of your attack surface
  • Automate asset classification and build comprehensive profiles that include known risks and vulnerabilities with threat intelligence powered by Vedere Labs
  • Prepare to face new threats as they emerge by leveraging cloud-based machine learning that continuously improves Forescout’s Device Cloud, a proprietary source of device intelligence with over 30 billion unique data points
  • Continuously assess an asset’s status, risk posture, and policy compliance without needing an agent to be installed, which is essential for protecting IoT, IoMT, and OT assets

Multiply your forces while minimizing human error with automated reporting on compliance posture and cyber-risk exposure, letting you focus your efforts on what matters most.

Aruba Clearpass
Aruba ClearPass for Secure Network Access Control. From IoT to an always-on mobile workforce, organizations are more exposed to attacks than ever before. With Aruba ClearPass, you get agentless visibility and dynamic role-based access control for seamless security enforcement and response across your wired and wireless networks.

Agentless policy control and automated response.
What’s needed beyond visibility, control and response? Real-time policies for how users and devices connect and what they can access is critical, as well as robust guest access and strong enforcement capabilities.Enforcing access privileges to effectively reduce risk. In addition to its role as the policy enforcement mechanism for ClearPass, the Aruba Policy Enforcement Firewall (PEF) has been designated “Cyber Catalystsm”, based on its ability to effectively reduce risk.

Secure access for guest, BYOD and corporate devices
There are simple ways to let users securely connect devices to a network – without compromising security. ClearPass includes secure Wi-Fi guest access, device onboarding and health checks, and strong enforcement capabilities.

Leverage the ClearPass Security Ecosystem.
Integrating disparate tools and technologies is critical in today’s security environment. Our Security Exchange Program brings together best-of-breed third-party solutions for end-to-end security – from the campus to the road warrior.

Key features

    • Role-based, unified network access enforcement across multi-vendor wireless, wired and VPN networks.
    • Intuitive policy configuration templates and visibility troubleshooting tools.
    • Supports multiple authentication/authorization sources (AD, LDAP, SQL).
    • Self-service device onboarding with built-in certificate authority (CA) for BYOD.
    • Guest access with extensive customization, branding, and sponsor-based approvals.
    • Integration with key UEM solutions for in-depth device assessments
    • Comprehensive integration with the HPE Aruba Networking 360 Security Exchange Program.
    • Single sign-on (SSO) support works with other identity management tools to improve user experience to SAML 2.0-based applications.
    • FIPS 140-2 and CC certified.

 

 

 
 
 
 

Asset Discovery

Email Security

Endpoint Security

NAC (Network Access Control)

Web Security

ZTNA