NAC and Segmentation

Integrate specialise in Network Access Control solutions using Cisco Identity Services (ISE).

Network Access Control (NAC) is a solution that defines and implements a centrally managed policy that enforces secure access to the network. NAC policies controls what users and devices communicate with on the network and what they do.

Network Access Control capabilities:

  • Prevent un-authorised network access
  • Role-based access control of users and devices
  • Security posture checking, mitigating network threats by enforcing security policies that block, isolate or restrict non-compliant computers.
  • Guest access, ensuring non-employeees have limited access privileges to the network.
  • Authentication, Authorisation and Accounting of all network connections

Network Segmentation is used to divide the network into zones or sub-networks, in order to improve security, scalability and performance. Segmentation can be used to create a clear separation of data within the network, for example separating payment card authorisations or customer of guest wireless from confidential corporate traffic.

Cisco Identity Services Engine

Cisco Identity Services Engine (ISE) is a NAC solution, which provides network visibility and identity access management, enabling enterprise organisation to authenticate and authorise Wired, Wireless and Remote Access VPN connections and enforcing corporate security policies. ISE also provides for Guest access and onboarding BYOD devices.

ISE provides Segmentation using TrustSec Scalable Group Tags (SGTs) to define roles and assign access rights to users/devices and then push the associated policy to network devices such as Switches, Routers and firewall to enforce policy.

How can we help?

Our consultants have designed and implemented Cisco ISE solutions for enterprise customers in large Financial, University, NHS and Miltary organisations, ranging from 1,000 to 250,000 endpoints. We’ve worked alongside Cisco Advanced Services to design and deploy large scale ISE projects with and without TrustSec.

We provide the following Cisco ISE services:

  • Assessment/Health Check of existing ISE implementation
  • ISE Solution design and implementation
  • Test plans
  • ISE upgrades and migrations
  • pxGrid integrations with Firepower or Stealthwatch
  • Network segmentation using TrustSec
  • Proof of concept (POC)

Based in Bristol, we operate throughout the UK and specialise in Cisco Network/Security solutions, providing design and implementation expertise. Whether you need a small data network or a large enterprise scale Firewall, ISE or VPN deployment, our experience in design and implementation will provide you with the solution to meet your needs.

Our Network Consultants’ expertise includes, but is not limited to the following solutions:

  • Next-Generation Firewalls
  • Network Access Control and Segmentation
  • Local Area Networks (LAN)
  • Remote Access VPN with Multi-Factor Authentication
  • Virtual Private Networks (VPN)
Get in touch
© 2024 . Created for free using WordPress and Colibri