Cisco TrustSec

Make Network Security Simple


Cisco TrustSec technology uses software-defined segmentation to simplify the provisioning of network access, accelerate security operations, and consistently enforce policy anywhere in the network. Cisco TrustSec is embedded technology in Cisco switches, routers, and wireless and security devices.

Cisco TrustSec Software-Defined Segmentation

Cisco TrustSec uses software-defined segmentation to reduce the risk of malware propagation, simplify security operations, and assist in meeting compliance goals. Traffic classification is based on endpoint identity, not on IP address or access control lists (ACLs), which helps to enable policy change without network redesign.

Taking Complexity Out of Network Security

Cisco TrustSec is embedded technology in your existing Cisco infrastructure. This can simplify provisioning and management of network access, make security operations more efficient, and help to enforce segmentation policy consistently, anywhere in the network.

Cisco Identity Services Engine, Cisco's market-leading policy management platform, gathers advanced contextual data about who and what is accessing your network. It then defines role-based access using Security Group Tags to segment your network.

This centralized software-defined segmentation policy is pushed by Identity Services Engine to your TrustSec-enabled network devices in order to enforce policy decisions across the network.

Simplify Access Management

  • Create and manage policies in a simple matrix using plain language
  • Easily manage access control and segmentation across the enterprise while maintaining compliance
  • Control access to critical assets by business role, device type, and location

Consistent Policy Across the Network

  • Consistently enforce policies across the network and scale from mobile users to the data center
  • Identity Services Engine central policy manager defines segmentation policies, which are enforced across wired, wireless, and VPN topologies

Reduce Operational Expenses

  • Limit the impact of data breaches and prevent the lateral movement of threats and compromised devices across your network with micro-segmentation
  • Reduce the need for costly network re-architecture by automating firewall rules and ACL administration
  • Easily comply with audits for PCI and other compliance requirements using network segmentation

Cisco TrustSec technology is available in products used in the branch office, campus, and data center. It is embedded in Cisco switching, routing, firewall, and wireless devices. Supporting platforms include:

  • Cisco Identity Services Engine
  • Cisco Catalyst and Cisco Nexus switches
  • Cisco Integrated Services Routers
  • Cisco wireless LAN products
  • Cisco ASA firewalls and VPN appliances

See the Cisco TrustSec product matrix for a complete list of products and capabilities.


Reduce PCI Scope with TrustSec

Read Verizon's assessment and validation about how TrustSec helps with PCI compliance. (PDF - 620 KB)


Make Access Control More Scalable

Learn the fundamentals of Cisco TrustSec and how to configure it in your infrastructure. (PDF - 5 MB)
