- June 2016
- Posted By Eduardo Fernández León
- 0 Comments
We’re glad to announce that Intelliment Security is a new Cisco Security Technical Alliance member, through an integration with Cisco Identity Services Engine that employs the pxGrid protocol to automate the sharing of network telemetry and even automate the containment of threats. With this integration, Intelliment Security automates network security policy management in complex, multi-vendor networks, to help them better handle security at scale and to automatically contain network threats.
As Cisco states, pxGrid is a secure, scalable and IETF standards-based way to reduce the complexity and fragmentation you get with security products that don’t interoperate, and allows you to get more value from the tools you especially need to keep your company safe.
This joint work was initially exposed to the public during the February edition of Cisco Live! in Berlin. With Cisco ISE, Intelliment Security is able to listen to telemetry data of the network via pxGrid and react automatically to the raised events, deploying new policies and configuration to firewalls in real-time. Given that 60% of data is stolen in the first hours of the data breach (the Golden Hours), a rapid response to threats is key when containing the cost of security incidents.
How Intelliment works with pxGrid?
Intelliment Security subscribes to pxGrid events from Cisco ISE such as authentication, disconnections, and threats. Then it is able to automatically take proactive actions to push changes to firewalls and other security policy enforcement points available in the network, like Clouds and SDN Controllers, to respond to these events automatically.
A Security Administrator can specify network security policies that will be automatically implemented as firewall rules in complex multi-vendor, multi-technology networks when users belonging to certain groups successfully authenticate on the network, achieving better security by only allowing traffic when those users are present.
Furthermore, enterprises will be able to respond faster to threats, by automatically blocking attackers identified as dangerous systems by another product of a member of the Security Technical Alliance like a SIEM or a threat intelligence system, making its data automatically actionable.
The ISE-Intelliment integration takes advantage of the Intelliment Security RESTful API, to automate the management of network security policies in complex multi-vendor, multi-technology networks, with no need for the Security Administrator to have all the needed expertise to operate all these different vendors and technologies that are today used to get to a more cost-efficient, agile network infrastructure.
Don’t hesitate to request a demo!
About Cisco pxGrid
The Cisco Platform Exchange Grid (pxGrid) allows you to integrate your application into the pxGrid, a multivendor, cross-platform network system that pulls together different parts of an IT infrastructure such as security monitoring and detection systems, network policy platforms, asset and configuration management, identity and access management platforms, to name a few.
When you have a new business or an operational needs arise, you can use pxGrid to exchange context with Cisco products, such as the Cisco Identity Service Engine (ISE), or any other Cisco partner that supports pxGrid.
Cisco pxGrid will provide you with an API that will open up a unified framework that will enable you to integrate to pxGrid once, then share context with any other platform that supports pxGrid. This hub and spoke architecture means that you integrate once to pxGrid and there is no need for you to adopt a host of individual, platform-specific APIs.
More info about pxGrid in the following page