Cisco (NASDAQ:CSCO) is updating its borderless networking architecture this week with new identity and network management products.
The new Cisco Identity Services Engine (ISE) provides centralized policy and unified identity management. ISE is part of Cisco’s SecureX, context-aware security architecture that was announced at RSA in February of this year.
Marie Hattar, vice president of marketing, Borderless Networks at Cisco told InternetNews.com that ISE enables profiling of network connected devices. She explained that ISE has sensors and is able to create a device profile for devices on the network and what the expected behavior should be.
“We’ve also added posture from NAC into the policy engine so we can look at the device posture and make sure it’s all up-to-date,” Hattar said. “So any end point coming into the network would be directed to ISE which then applies all the policy profiles and it pushes the rules into all the network devices so the right policy is administered.”
Hattar added that ISE can integrate with ActiveDirectory as well as other authentication and identity stores. ISE does not initially integrate with the OAuth web authentication standard. According to Cisco, OAuth may be more relevant as they look at context sharing between ISE with cloud based apps/sites in future releases.
From a deployment perspective, ISE initially will be available as a hardware appliance. That said, Hattar noted that ISE is software and Cisco is beginning to test it on the UCS server platform as well for future deployment potential.
Cisco is also launching the new Cisco Prime suite of network management capabilities. Hattar described Prime as a holistic network manager that can manage both wired and wireless network assets. Hattar noted that Cisco Prime provides a view right down to the user management level so an admin can manage both wired and wireless users. She added that the system provides for easier troubleshooting from end-to-end.
“In the past we have been criticized a bit on network management,” Hattar said. “But with Cisco Prime we’ve moving into the next generation in terms of workflow, ease of rolling out services and the consistency of the GUI from end-to-end.”
Cisco Prime is still an evolving offering and will be expanded over time. Hattar noted that items such as UCS manager are not yet part of Prime.
“In the first phase we have integration of some capabilities including the network analysis module, collaboration manager, unified wired and wireless management and integration with the ISE platform,” Hattar said. “It’s on the roadmap to integrate the other platforms and bring them up to the Prime standard.”