Secure Workload in Security Cloud Control

This chapter describes the deployment and management of Cisco Secure Workload in Security Cloud Control platform.

Introduction to Security Cloud Control

Cisco Security Cloud Control is a unified platform designed to manage your security products and deliver security outcomes through a single, integrated interface. Using this platform, you can manage Secure Workload along with other security solutions. It offers shared services across all products, eliminating the need for administrators to configure each product individually.

Key common services provided by Security Cloud Control include:

  • User provisioning and role assignment

  • Subscription management for all enrolled products

  • Guided workflows to help your organization quickly implement essential tasks

  • Global search functionality across all onboarded products to maintain consistent security policies

  • Seamless navigation between different products

  • AI-powered assistance to enhance user experience

To understand how to access and configure Cisco Secure Workload within the Security Cloud Control platform, see this video-Secure Workload in Security Cloud Control.

Manage Secure Workload in Security Cloud Control

Cisco Secure Workload SaaS on Security Cloud Control gives you unified, cloud-delivered workload protection, powered by real-time insights and adaptive zero trust policies—deploy, monitor, and secure every workload at scale, all from a single pane of glass. Secure Workload SaaS is managed and delivered entirely through Security Cloud Control—a single console for managing, monitoring, and enforcing security policy across cloud and hybrid environments.

Follow the following steps to get started:

  1. Sign in to Security Cloud Control using the Security Cloud Sign on account. Create an account if you do not have one.

    To create a Security Cloud Sign On account, provide an email address to where the account activation email will be sent. Every user account is required to use multifactor authentication (MFA) for account authentication. You can either use a Duo MFA, which is included with Security Cloud Sign On account at no extra charge, or use a one-time password (time-based) from the Google Authenticator application.

    For information on how to create a Security Cloud Sign On account, see Security Cloud Sign On.


    Note

    If you already have a Security Cloud Sign on account, see Signing in to Security Cloud Control.

  2. Create an Enterprise and define the preferred region for that enterprise. You can create multiple organizations, each with their own set of users, products, and other organization data.

  3. Enter the claim code that you receive in the Security Cloud Control welcome email in order to claim subscriptions for the product instances. For more information, see Claim your Product Subscription. Activate the new product instances.


    Note

    In case you need to understand the claim subscription process, see the Overview of the Claim Subscription.

  4. Choose the home page for your product after you create the organization and claim the product subscription.

  5. Add a domain to your product organization. For more information, see Add and Claim your Domain.

  6. Integrate the identity provider with the Secure Cloud Sign On account.

    For information to integrate the identity provider, see Integrate an Identity Provider.

  7. Create users and groups; assign them roles for precise product management and control.

    For information on role-based access, see Role-based Access Control.

Before you begin

This section provides steps for users to access Cisco Secure Workload SaaS application from Cisco Security Cloud Control.

Procedure

Step 1

From the Security Cloud Control navigation menu, choose Secure Workload. Please note that an Enterprise administrator will have access to the Cisco Secure Workload application.

Step 2

After you login to the Secure Workload Dashboard, launch the Secure Workload application by clicking the Launch Secure Workload tab.

Figure 1. Launch Secure Workload

Step 3

As the first step towards generating and enforcing policies for an application, access the Quick Start Wizard that introduces the concepts and benefits of labels and scopes. From within the Secure Workload application, access the Quick Start wizard to create the first branch of the scope tree.

To access the wizard, do either of the following:

  • Sign in to Cisco Secure Workload. Click the link on the blue banner that appears at the top of all pages OR

  • From the Secure Workload navigation pane, choose Overview.

Note

 

Following are key user roles that can access the Wizard:

  • Site administrator

  • Technical Assistance support

  • Root Scope owner

What to do next

For more information on how to create scopes and inventory, see Tour of the Wizard.