Security
-
Cisco Identity-Based Networking Services (IBNS) 2.0
Cisco IBNS 2.0 is an integrated solution that offers authentication, access control and user policy enforcement with a common end to end access policy that can apply to both wired and wireless networks. It is a combination of the following products: Enhanced FlexAuth Cisco Common Classification Policy Language Cisco ISE
-
Network Access Control – Enhanced Flexible Authentication (FlexAuth)
A Cisco Switch configured with 802.1x, MAC Authentication Bypass, and WebAuth will always try 802.1x authentication first, followed by MAB, followed by WebAuth. If there is an endpoint that does not support 802.1x when it tries to connect to the network, it will need to wait for a reasonable amount of time before WebAuth is…
-
Network Access Control – Web Authentication (WebAuth)
Endpoints that connect to the network may not have 802.1x capabilities, Web Authenticaiton can be used as a fall back similar to MAC Authentication Bypass. Endpoints are presented with a portal requesting a username and password. The username and password submitted through the web portal are sent from the switch (or wireless controller) to a…
-
Network Access Control – MAC Authentication Bypass (MAB)
MAC Authentication Bypass is an access control technique that enables port-based access control using the MAC address of the endpoint, it is used as a fallback mechanism to 802.1x Process The switch initiates authentication by sending a EAPoL identity request message to the endpoint every 30 seconds by default. After three timeouts the switch will…
-
Network Access Control – 802.1x
IEEE 802.1x is a standard for port-based network access control. It provides an authentication mechanism for local area networks and wireless area networks. Components 802.1x is made up of the following components: Extensible Authentication Protocol This message format and framework provides an encapsulated transport for authentication parameters EAP Method Different authentication methods can be used…
-
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine is a security management platform that provides network access control to users and devices across wired, wireless and VPN connections. It allows for visibility of what is happening inside of the network, such as who is connected (endpoints, users, and devices), applications that are installed and running on endpoints plus more.…
-
Cisco StealthWatch Cloud
Stealthwatch Cloud provides the visibility and continuous threat detection required to secure on-premises, hybrid, and multicloud environments. StealthWatch cloud can detect threats in real time in the network, or cloud. StealthWatch is a cloud software-as-a-service solution. StealthWatch Cloud is offered in two solutions: Public Cloud Monitoring Public StealthWatch Cloud provides visibility and threat detection in…
-
Cisco StealthWatch Enterprise
Cisco StealthWatch Enterprise provides real time visibility into activities occuring on the network. This activity monitoring can be extended to the cloud, across the network, into branch locations, in the data centre or on the endpoints. StealthWatch has several components at its core, the Flow Rate Licence, the Flow Collector, Management Console, and Flow Sensor.…
-
Cisco Stealthwatch
Cisco Stealthwatch is a collector and aggregator of network telemetry data that performs network security analysis and monitoring to automatically detect threats. It is able to detect threats that successfully infiltrate the network and also threats that have originated from inside the network. Stealthwatch can quickly and with high confidence detect threats such as command…
-
Cisco Firepower Management Centre
The Cisco Firepower Management Centre is a management platform that aggregates and correlates threat events, contextual information, and network device performance data. It can be used to monitor information that Firepower security devices are reporting to reach other and examine the overall activity occurring in the network. The Firepower Management Centre can perform event and…