The document discusses several Cisco network security products:
- Identity Services Engine (ISE) provides context-aware access control and shares user data.
- Intrusion Prevention System (IPS) detects and prevents various cyber attacks like denial of service.
- Web Security Appliance (WSA) filters web traffic and scans for malware and data loss.
- Access Control System (ACS) centralizes access policies for wireless, wired, and network devices.
- Adaptive Security Appliance (ASA) provides firewall functionality, VPN access, and acts as an authentication proxy.
2. ISE (Identity Services Engine)
A centralised security solution that automates context-aware access to network resources and shares contextual data.
[Diagram labels: ISE shown as the controller; identity profiling and posture (who, what, when, where, how, compliant); network resources; role-based policy access, guest access, BYOD access, role-based access; guests / users.]
5. Android Device Provisioning
The slide shows the onboarding flow in order:
• Initial connection using PEAP
• Redirection to the Android Market to install the provisioning utility
• Provisioning using the Cisco Wi-Fi Setup Assistant
• Change of Authorization (CoA)
• Future connections using EAP-TLS
6. WLC (Wireless LAN Controller)
Wireless controllers centrally manage, secure, and configure access points throughout the organization.
7. WSA (Web Security Appliance)
[Diagram labels: web traffic (WWW) passing through web reputation, web filtering, application visibility and control, parallel AV scanning of the webpage, file reputation, data loss prevention, advanced malware protection and cognitive threat analysis.]
It combines Advanced Malware Protection (AMP), application visibility and control (AVC), acceptable-use policies and insightful reporting, addressing the challenges of securing and controlling web traffic.
8. ACS (Access Control System)
• It offers central management of access policies for device administration and for wireless and wired 802.1X network access scenarios.
• Supports two distinct protocols: RADIUS for network access control and TACACS+ for network device access control.
• Uses multiple databases concurrently for maximum flexibility in enforcing access policy.
[Diagram labels: supplicants (IP phone, endpoint device), Catalyst switch, Wireless LAN Controller, campus network, Nexus 7000, protected resources, ACS, AD.]
9. AAA (Authentication, Authorization and Accounting)
• These AAA services provide a higher degree of scalability than line-level and privileged-EXEC authentication to networking components.
• Unauthorized access in campus, dialup, and Internet environments creates the potential for network intruders to gain access to sensitive network equipment, services and data.
• Using a Cisco AAA architecture enables consistent, systematic and scalable access security.
Cisco provides two ways of implementing AAA services for Cisco routers and network access servers:
• Self-contained AAA
• Cisco Secure ACS Solution Engine
10. AAA Protocols
                   TACACS+        RADIUS
Layer 3 Protocols  TCP/IP         UDP/IP
Encryption         Entire Body    Password Only
Standard           Cisco          Open
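The "Encryption" row of the table is the difference that matters most for defenders: RADIUS hides only the User-Password attribute, while TACACS+ obfuscates the whole packet body. The Python below is added here as an illustration (it is not from the slides or from Cisco); it implements both procedures as specified in RFC 2865 section 5.2 and RFC 8907 section 4.5 on constructed sample values (shared secret, authenticator, username, password, session id, packet body) and shows what an observer on the wire can still read in each case.

```python
import hashlib
import struct

def radius_hide_password(secret: bytes, authenticator: bytes, password: bytes) -> bytes:
    """RFC 2865 s5.2: NUL-pad to a multiple of 16 bytes, XOR each block with
    MD5(secret + previous block); the first 'previous block' is the Request Authenticator."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        stream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ s for p, s in zip(padded[i:i + 16], stream))
        out, prev = out + block, block  # chaining continues from the ciphertext block
    return out

def radius_reveal_password(secret: bytes, authenticator: bytes, hidden: bytes) -> bytes:
    """Inverse of radius_hide_password, as the RADIUS server applies it."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        stream = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ s for c, s in zip(hidden[i:i + 16], stream))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def radius_access_request_attrs(secret, authenticator, username: bytes, password: bytes) -> bytes:
    """Type-length-value attributes of an Access-Request: User-Name (type 1) is sent
    in the clear; only User-Password (type 2) is hidden."""
    hidden = radius_hide_password(secret, authenticator, password)
    return bytes([1, 2 + len(username)]) + username + bytes([2, 2 + len(hidden)]) + hidden

def tacacs_obfuscate(key: bytes, session_id: int, version: int, seq_no: int, body: bytes) -> bytes:
    """RFC 8907 s4.5: XOR the entire body with a chained MD5 pad derived from
    session_id, shared key, version and seq_no. Applying it twice restores the body."""
    prefix = struct.pack(">I", session_id) + key + bytes([version, seq_no])
    pad, prev = b"", b""
    while len(pad) < len(body):
        prev = hashlib.md5(prefix + prev).digest()
        pad += prev
    return bytes(b ^ p for b, p in zip(body, pad))

# Constructed sample values, not taken from the slides.
SECRET = b"shared-secret"
AUTHENTICATOR = bytes(range(16))
USERNAME, PASSWORD = b"netadmin", b"Winter2024!"

def demo() -> tuple:
    # (username readable in RADIUS?, password readable in RADIUS?, username readable in TACACS+?)
    radius = radius_access_request_attrs(SECRET, AUTHENTICATOR, USERNAME, PASSWORD)
    tacacs = tacacs_obfuscate(SECRET, 0x1234ABCD, 0xC0, 1, USERNAME + b"\x00" + PASSWORD)
    return USERNAME in radius, PASSWORD in radius, USERNAME in tacacs
```

RFC 8907 itself calls the TACACS+ scheme obfuscation rather than encryption, and both schemes are only as strong as the shared key, so either protocol should run over a protected transport (IPsec, or RADIUS over TLS per RFC 6614) when it crosses untrusted segments.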
11. ASA (Adaptive Security Appliance)
• A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
• Firewalls have been a first line of defence in network security.
• They establish a barrier between secured, controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.
[Diagram labels: internal network of L3 switches on the inside; active firewall and standby firewall joined by a failover link and trunks; outside network.]
12. Foundational Functionality
• Stateful firewalling: TCP normalization, TCP intercept, IP options inspection, IP fragmentation, NAT, routing, access control lists
• VPN capabilities
• Policy enforcement point for ISE
13. VPN Capabilities
• Diverse endpoint support: mobile and non-mobile devices; Cisco and non-Cisco devices
• Split tunneling capabilities: corporate and sensitive information through the tunnel, personal and generic information outside it
14. IPS (Intrusion Prevention System)
An intrusion prevention system is intended to prevent malicious events from occurring by stopping attacks as they are happening. There are a number of different attack types that can be prevented using an IPS, including (among others):
• Denial of Service
• Distributed Denial of Service
• Exploits (various types)
• Worms
• Viruses
[Diagram labels: edge device, firewall, DMZ with web servers, inside network with application database, IPS 1 and IPS 2.]
15. Automatically correlates information from intrusion events with network assets (priority 1, 2, 3) to prioritize threat investigation. Protects the network more effectively.
16. Blended threats and attacks coming through multiple vectors are quickly identified. Protects the network more effectively.