What is software-defined segmentation, and how can it help protect your business?
Simplify Your Network Security with Software-Defined Segmentation
Cisco TrustSec technology simplifies the provisioning of network access, accelerates security operations, and consistently enforces policy anywhere in the network. This scalable and agile segmentation technology is embedded in more than 40 switches, routers, wireless devices, and other Cisco products.
Traffic classification is based on endpoint identity, not IP address. It is also not based on IP-based access control lists (ACLs), so policy changes don’t require network redesign.
Stop malicious actors from accessing your network and meet compliance goals more easily. Gain a network and security infrastructure that provides the following benefits:
Simplified Access Management
- Control access to critical enterprise resources by business role, device type, and location, so policy changes can be made without redesigning the network
- Easily manage access control and segmentation while maintaining compliance
- Create and manage policies in an easy-to-use matrix
Consistent Policy Across the Network
- Consistently enforce policies across the network and scale from mobile users to the data center.
Use the Cisco Identity Services Engine, our award-winning central policy management platform, to:
- Gather advanced contextual data about who and what are accessing your network
- Define role-based access using security group tags to segment your network
- Enforce these policies across your Cisco TrustSec-enabled network devices
Lower Operational Expenses
- Limit the impact of data breaches and prevent the lateral movement of threats and compromised devices
- Reduce the need for costly network re-architecture by automating firewall rules and access control list (ACL) administration
- Easily comply with PCI audits and other compliance requirements using network segmentation
Products and Solutions
- Cisco Identity Services Engine
Share data with integrated partner solutions to speed their capability to identify, mitigate, and remediate threats.
- Cisco AnyConnect Secure Mobility Client
Prevent compromised endpoints from gaining access to critical resources.
- Network as an Enforcer
Find out about your network's built-in policy-enforcer capabilities.
- Network as a Sensor
Use Cisco network infrastructure to gain deep visibility, control, and analytics.
- Rapid Threat Containment
Detect, analyze, and stop threats with Cisco ISE and technology partners.
Building a Secure Data Center
BeachBody uses Cisco security to protect its data center and prepare for growth. (3:30 min)Why It Chose Cisco
Cisco TrustSec Platform and Capability Matrix
Learn what platforms and features are validated with Cisco TrustSec technology.View Product Matrix
Erickson Living Customer Case Study ( PDF - 246 KB )
Erickson Living Customer Case Study ( PDF - 1 MB )
Fitness Company Builds Secure Data Center
Global Bank Builds Foundation for Highly Secure BYOD
Growing University in Namibia Moves to Next-Generation Security ( PDF - 560 KB )
Proteccion contra de seguridad, racionlizacion de la prestacion de servicios ( PDF - 345 KB )
Protecting Against Security Threats, Streamlining Service Delivery ( PDF - 887 KB )
Providing Next-Generation Security for Today's Healthcare
Securing Fire Service That Protects Millions ( PDF - 671 KB )
How-to Guide for Campus and Branch Segmentation ( PDF - 2 MB )
Quick Start Configuration Guide ( PDF - 5 MB )
Securing BYOD with Cisco TrustSec Security Group Firewalling
User-to-Data-Center Access Control Using TrustSec Deployment Guide April 2016 ( PDF - 3 MB )
User-to-Data-Center Access Control Using TrustSec Design Guide October 2015 ( PDF - 1 MB )
Cisco TrustSec for Software Defined Segmentation
Retirement Community Goes Mobile
Cisco TrustSec 5.0 System Bulletin ( PDF - 479 KB )
Cisco TrustSec 4.0 Product Bulletin
Cisco TrustSec 2.0 Product Bulletin
Cisco TrustSec 1.0 Product Bulletin
Cisco TrustSec Accelerates and Simplifies Network Security Solution Overview
Cisco TrustSec Solution: Intelligently Control Access to Corporate Data