This design represents a chapter from the overall SAFE Design Guide. Cisco SAFE leverages the threat detection and mitigation capabilities available on Cisco firewalls, Cisco Cisco IPS, Cisco Security Agents (CSA), Cisco Network Admission Control (NAC), and web/E-mail security appliances. In addition, the alarm and event information generated by these devices is centrally collected and correlated by the Cisco Security Monitoring, Analysis, and Response System (CS-MARS) to identify the source of threats, visualize the attack paths, and to suggest and optionally enforce response actions. Cisco IPS visibility is enhanced with the endpoint posture information provided by CSA which reduces false-positives and allows for the dynamic quarantine of compromised hosts. Cisco SAFE also leverages the linkage between Cisco Security Manager (CSM) and CS-MARS to simplify management and to expedite troubleshooting and threat mitigation.