SlideShare a Scribd company logo
1 of 1
Download to read offline
At-a-Glance
Use Network Segmentation to Contain Risks
Your network continually faces advanced cyberattacks from professional
hackers at a time when Internet connections are increasing by the
minute. Each network connection, whether created by cloud services,
mobility, the Internet of Things (IoT), or something else, represents a
potential attack entry point. Your challenge is to balance the network
access that users and devices need with risk mitigation.
The good news is that your Cisco® network already contains the tools
to do that. You just need to activate them to allow your network to
serve as an enforcer of network security policy. For example, you can
contain threats by using Cisco TrustSec® and the Cisco Identity Services
Engine (ISE) to partition your network into smaller segments. Through
a software-defined approach to network segmentation, you can then
protect the segments using specific group policies that determine user
access based on user roles and their business needs.
The result? You securely control network access that is role-based and
topology- and access-independent. You greatly reduce your “attack
surface.” That means that even if hackers do make their way into your
network, they can no longer move freely about and cause widespread
damage.
Centrally Enforce Dynamic Policy
With your Cisco network acting as a network security enforcer, you
centrally apply your security policies networkwide. The right users and
devices now enjoy the right access, and you contain the impact of an
attack. Cisco ISE serves as the centralized policy engine that provides
real-time access control decisions for Cisco switches, routers, and
security devices.
You can also reduce the scope, cost, and complexity of the Payment
Card Industry Data Security Standard (PCI DSS) and Health Insurance
Portability and Accountability Act of 1996 (HIPAA) network compliance
audits.
Use the Cisco as a network enforcer approach to help lower security
risks, improve security operational efficiency, and enhance compliance.
Next Steps
To learn more about using the Cisco Network as an Enforcer solution,
visit the Cisco Enterprise Network Security page.
Cisco Network as an
Enforcer
Use the security
enforcement technology
already in your network to:
•	 Quickly isolate and contain
threats across your
infrastructure.
•	 Limit the impact of attacker
infiltration by segmenting
your network.
•	 Centrally apply granular and
consistent access control
across users, devices,
locations, and more.
“The Cisco solution gives us
a very precise way, from the
wireless access point or the
switch, to identify who is trying
to access what. It allows us
to place users in the right
category and have the right
policy to match information
security demands.”

Roman Scarabot-Mueller
Head of Infrastructure,
Mondi Group International
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of
Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/
go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner
does not imply a partnership relationship between Cisco and any other company. (1110R)	 C45-734478-00  06/15

More Related Content

Viewers also liked

A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 

Viewers also liked (6)

A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of Cybersecurity
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling Access
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of Inactivity
 

More from Cisco Security

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls InfographicCisco Security
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report InfographicCisco Security
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Security
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCisco Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School DistrictCisco Security
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataCisco Security
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson UniversityCisco Security
 

More from Cisco Security (16)

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide Deck
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security Survey
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor Scorecard
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network Access
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls Infographic
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report Infographic
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report Infographic
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School District
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient Data
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson University
 

Cisco Network as an Enforcer

  • 1. At-a-Glance Use Network Segmentation to Contain Risks Your network continually faces advanced cyberattacks from professional hackers at a time when Internet connections are increasing by the minute. Each network connection, whether created by cloud services, mobility, the Internet of Things (IoT), or something else, represents a potential attack entry point. Your challenge is to balance the network access that users and devices need with risk mitigation. The good news is that your Cisco® network already contains the tools to do that. You just need to activate them to allow your network to serve as an enforcer of network security policy. For example, you can contain threats by using Cisco TrustSec® and the Cisco Identity Services Engine (ISE) to partition your network into smaller segments. Through a software-defined approach to network segmentation, you can then protect the segments using specific group policies that determine user access based on user roles and their business needs. The result? You securely control network access that is role-based and topology- and access-independent. You greatly reduce your “attack surface.” That means that even if hackers do make their way into your network, they can no longer move freely about and cause widespread damage. Centrally Enforce Dynamic Policy With your Cisco network acting as a network security enforcer, you centrally apply your security policies networkwide. The right users and devices now enjoy the right access, and you contain the impact of an attack. Cisco ISE serves as the centralized policy engine that provides real-time access control decisions for Cisco switches, routers, and security devices. You can also reduce the scope, cost, and complexity of the Payment Card Industry Data Security Standard (PCI DSS) and Health Insurance Portability and Accountability Act of 1996 (HIPAA) network compliance audits. Use the Cisco as a network enforcer approach to help lower security risks, improve security operational efficiency, and enhance compliance. Next Steps To learn more about using the Cisco Network as an Enforcer solution, visit the Cisco Enterprise Network Security page. Cisco Network as an Enforcer Use the security enforcement technology already in your network to: • Quickly isolate and contain threats across your infrastructure. • Limit the impact of attacker infiltration by segmenting your network. • Centrally apply granular and consistent access control across users, devices, locations, and more. “The Cisco solution gives us a very precise way, from the wireless access point or the switch, to identify who is trying to access what. It allows us to place users in the right category and have the right policy to match information security demands.” Roman Scarabot-Mueller Head of Infrastructure, Mondi Group International © 2015 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/ go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C45-734478-00  06/15