Endace and Cisco ISE: rooting out fraudulent network activity

There is something both cathartic and caustic whenever the term “ice” is added onto something of cultural and artistic value. Let’s see, you have hip hop artists like Ice-T and Ice Cube who rapped about social injustice and the hardships of poverty. Then you have this generation’s iconoclast,  Vanilla Ice (nee’ Robert Matthew Van Winkle) who let us know it was perfectly fine to “play that funky music” when you had a rough day or that humming “Ice Ice Baby” to your newly born child while rocking him to sleep didn’t constitute you as being strange.

The cool vernacular that is “ICE” isn’t just relegated to music; it’s also applicable to the ever stimulating world of technology. Ok, in this case it’s spelled “ISE”, but it sounds close enough in my books to have piqued my interest and serve as my hook for this blog. When I reference ISE, I am referring to the Cisco Identity Services Engine (ISE), which is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to Cisco’s routers and switches. The purpose is to simplify identity management across diverse devices and applications.

In keeping with the relevance and importance of the Cisco ISE, Endace will be demonstrating the integration of its EndaceProbeTM Network Recorder with Cisco ISE in the DevNet Zone of the CiscoLive event at the Moscone Center in San Francisco from May 20th to May 22nd, 2014.

What makes this integration so important? Well, it provides users with enhanced security capabilities in Cisco network deployments by providing Security Operations (SecOps) personnel with the ability to instantly associate suspect sessions and network activity with the originating user(s) and/or device.  As EndaceProbe provides lossless network data recording across multiple 10Gb Ethernet links, its integration with Cisco ISE also provides SecOps personnel with forensics data to support post-incident response and remediation.  Because let’s face it, that little “security breach” at Target was just the tip of the iceberg when it comes to the proliferation of cyber security theft.

Finally, the combination of Cisco ISE, the EndaceProbe and Cisco’s Sourcefire Defense Center provides Cisco network deployments with end-to-end security and identity monitoring, enabling proactive threat management, simplified SecOps workload and the ability to quickly mitigate threats to enterprise network infrastructure.

We encourage you to come visit the team at Cisco Live because in addition to being a bunch of cool cats, we know a thing or two about ISE and not just the musical kind. See you there!

Leave a Reply