Businesses need to effectively and securely manage who and what can access the network, as well as when, where, and how that access can occur. Organizations can do just that with the Cisco Trust and Identity Management Solutions, which can turn virtually every network device into an integral part of an overall security strategy.
Deploying a complete Trust and Identity Management solution lets enterprises secure network access and admission at any point in the network, and it isolates and controls infected or unpatched devices that attempt to access the network. What’s more, businesses can streamline the security management of remote network devices while taking full advantage of existing security and network investments.
The Trust and Identity Management Solutions provide the following essential security functions:
- Enforcement - Authenticates entities and determines access privileges based on policy.
- Provisioning - Authorizes and controls network access, and pushes access policy enforcement to network devices via VLANs, access control lists (ACLs), etc.
- Monitoring - Accounting, auditing, and forensic tools allow system administrators to track the who, what, when, where, and how of network activity.
The Cisco Trust and Identity Management technology comprises three solution categories:
- Identity Management - Guarantees the identity and integrity of every entity on the network and applies appropriate access policy; delivers visibility into network activity; secures the centralized management of remote devices; and provides Authentication, Authorization, and Accounting (AAA) functionality across all network devices.
- Identity Based Networking Services (IBNS) - Expands network security by using 802.1X to automatically identify users requesting network access and route them to a VLAN domain with an appropriate degree of access privilege based on policy (for example, guests versus employees). Also prevents unauthorized network access from rogue wireless access points.
- Network Admission Control (NAC) - Allows network access only to trusted endpoint devices that can verify their compliance with network security policies, such as having a current antivirus image, OS version, or patch update. NAC can permit, deny, or restrict network access to any device, as well as quarantine and remediate non-compliant devices.
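As an added example (not Cisco's own documentation), this is how the enforcement, provisioning and monitoring functions above land on a single Catalyst IOS access port: 802.1X is enforced, the VLAN comes from the RADIUS server's policy decision (returned in the standard Tunnel-Type, Tunnel-Medium-Type and Tunnel-Private-Group-ID attributes), clients with no supplicant or failed credentials land in guest or restricted VLANs, and accounting records feed monitoring. The server address 192.0.2.10, the shared secret and all VLAN numbers are placeholders.

```cisco
! Added example, not from the page or from Cisco documentation.
! Placeholders: RADIUS server 192.0.2.10, shared secret, VLAN numbers 10/20/30.
!
! Enforcement: authenticate every 802.1X session against RADIUS.
aaa new-model
aaa authentication dot1x default group radius
! Provisioning: accept the VLAN (or downloadable ACL) the server returns.
aaa authorization network default group radius
! Monitoring: start/stop records give the who, when and where of each session.
aaa accounting dot1x default start-stop group radius
!
radius server NAC-SERVER
 address ipv4 192.0.2.10 auth-port 1812 acct-port 1813
 key REPLACE_WITH_SHARED_SECRET
!
! Enable 802.1X globally; ports stay closed until this is on.
dot1x system-auth-control
!
interface GigabitEthernet1/0/1
 description Employee desk port, 802.1X enforced
 switchport mode access
 ! Default VLAN; overridden by Tunnel-Private-Group-ID when the server assigns one.
 switchport access vlan 10
 ! Port forwards no traffic until a session is authorized.
 authentication port-control auto
 authentication host-mode single-host
 ! No supplicant (printers, guests): guest VLAN with limited reach.
 authentication event no-response action authorize vlan 20
 ! Credentials rejected: restricted VLAN for remediation, not the employee VLAN.
 authentication event fail action authorize vlan 30
 ! Re-authenticate on the interval the server specifies (Session-Timeout).
 authentication periodic
 authentication timer reauthenticate server
 dot1x pae authenticator
 dot1x timeout tx-period 10
 spanning-tree portfast
```

To confirm which VLAN a connected client actually received and why, check `show authentication sessions interface GigabitEthernet1/0/1 details` on the switch and compare it with the accounting records on the RADIUS server.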
