Professional Documents
Culture Documents
Forward-Looking Statements
Many of the products and features described herein
remain in varying stages of development and will be
offered on a when-and-if-available basis.
This roadmap is subject to change at the sole
discretion of Cisco, and Cisco will have no liability for
delay in the delivery or failure to deliver any of the
products or features set forth in this document.
Cisco Confidential
Who
What
Where
When
Cisco ISE
Consistent Secure
Access Policy
How
BEFORE
DURING
AFTER
Control
Enforce
Harden
Detect
Block
Defend
Scope
Contain
Remediate
Firewall
VPN
NGIPS
NGFW
UTM
ONE NETWORK
Integrated
Wired and Wireless
in ONE Physical
Infrastructure,
with ONE Operating
System & Open APIs
CISCO
UNIFIED
ACCESS
ONE POLICY
Simplified, Unified Policy
Management
with Cisco ISE
Seamlessly & securely onboard devices with the right levels of access
Simplify & unify enterprise network access policy across wired, wireless, & VPN
Simplified Integration
Multi-Forest Active Directory
Streamlined VPN
AnyConnect Unified Agent
Cisco Confidential
User Experience
All New Guest Experience
Introducing Admin Work Centers
BYOD & Certificate Management
Made Easy
Cisco Confidential
BRANDED EXPERIENCES:
For guests, employees, and administrators across your pages,
including banners and advertising
OUT-OF-THE-BOX ONBOARDING:
Accelerates user productivity through simplified device
onboarding and easy, self-service device management
Desktop
& Mobile
Ready!
2013-2014 Cisco and/or its affiliates. All rights reserved.
10
1.Hotspot
2.Self Service
3.Self Service Sponsor Approved
4.Sponsored
Cisco Confidential
11
Hotspot
Guest Flow #1
Acceptable
Use Policy!
I promise
to be good.!
I Agree
Day Ends
44:6D:77:B4:FD:01!
44:6D:77:B4:FD:01!
Goal: Get them on the Internet with AUP acceptance no matter who they are and remember who they are next
time so you dont get in their way.
2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
12
AUP
Cisco Confidential
13
Secret
code:
chemist
chemist
Cisco Confidential
14
Cisco Confidential
15
Connect to WFI
hansolo
nerfherder
Cisco Confidential
16
optional
optional
Cisco Confidential
17
Visiting email?
Approved! credentials
username: trex42
password: littlearms
Cisco Confidential
18
DESKTOP
2013-2014 Cisco and/or its affiliates. All rights reserved.
Mobile
Cisco Confidential
19
Sponsored Flow
Guest Flow #4
Hi! Can I
get on your
Wi-Fi?
Sure. I just
need a little
information.
Print, email
& SMS
credentials.
Cool!
Cisco Confidential
20
Cisco Confidential
21
Cisco Confidential
22
Pre-Expiration Notification
DESKTOP
Mobile
Cisco Confidential
23
Prepackaged Flows
Ships with the default flows used
by 90% of our customers:
Hotspot, Self-Service (with or
without approval), & Sponsored.
Live Preview
See your pages as the guests
will see them as you customize.
Mobile Sponsors
You are free to move about the cabin!
Create a guest account on the fly from your
smartphone / tablet away from your desk.
Create Accounts
Create Accounts
Print
SMS
Cisco Confidential
28
Predefined URL
such as the
company page.
Custom ISE
Success Page
2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
29
Cisco Confidential
30
Cisco Confidential
31
Cisco Confidential
32
Java-Less Provisioning
Cisco Confidential
33
Java-Less Provisioning
Downloads as DMG
Double-Click to Run
App
Cisco Confidential
34
Optional
Enterprise!
Root!
Self Contained or
Optional Subordinate!
Cisco ISE
Certificate
Authority!
Cisco Confidential
35
Simplified Integration
Multi-Forest Active Directory
Streamlined VPN
AnyConnect Unified Agent
Cisco Confidential
36
Cisco Confidential
37
example-1.com
example-2.com
example-n.com
Cisco Confidential
38
Cisco Confidential
39
Cisco Confidential
40
Integration with the AC end-user experience (single posture tile for ISE
and ASA posture)
Cisco Confidential
41
Cisco Confidential
42
SIO
TRADITIONAL
APIs One Integration at a TimeI have NBAR info!
I have sec events!
I need reputation
I need identity
Single-purpose function = need for many APIs/dev (and
lots of testing)
I have NetFlow!
Proprietary
I have location!
We
need
tointerface systems
APIs
arent
NotI need
configurable
info
for
(scale issues)
entitlement = too much/little
I need identity
the solution
share
data
I have threatdata
data!exchange = wait until next release ifI have
Pre-defined
you MDM
needinfo!
a change
I need location
I need reputation
PollingI have
architecture
= cant scale beyond 1 or 2 system
firewall logs!
I have appintegrations
inventory info!
I need identity
I need posture
Security can
be loose
I have identity & device-type!
I need app inventory & vulnerability
2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
43
INFRASTRUCTURE FOR A
ROBUST ECOSYSTEM
Direct, Secured
Interfaces
pxGrid
Context
Sharing
Single, Scalable
Framework
context
Cisco Confidential
44
Cisco Confidential
45
Increase
condence
around
event
severity
levels
in
SIEMs
and
TD
consoles;
make
events
acAonable
in
the
network.
SIEM/TD
share
worst
oenders
with
ISE
for
user/device
policy
decisions.
SIEM/TD
PlaJorm
Policy: Detect sensitive data
access on mobile devices;
quarantine such users
Cisco ISE
ISE
QuaranAnes/Remediates
User/Trac
Cisco Confidential
46
Cisco Confidential
47
Cisco Confidential
48
Serviceability Enhancements
Tree View
Debug Endpoint
Endpoint Purge
Cisco Confidential
49
Tree View
AuthC
Protocols
Identity
Store
Cisco Confidential
50
Cisco Confidential
51
Cisco Confidential
52
Debug Endpoint
Creates debug file of all activity for
files per-PSN
Or Merged as a single file
Cisco Confidential
53
Cisco Confidential
54
Cisco Confidential
55
Duration is only relevant for a bypass suppression and will not appear
under any other filter type duration range is between 5 and 480
minutes(8 hours), default value is 60 minutes
Cisco Confidential
56
Modify collection filters If a bypass suppression collection filter already exists with the selected
user as its value, the page will be redirected to the edit page of the existing collection filter. If such a
collection filter does not exists, the page will be redirected to an edit page of a new bypass
suppression collection filter with the selected user as its value.
Bypass Suppression Filtering for 1 hour will create a bypass suppression collection filter with
the selected user as its value with a duration of 60 minutes(no redirection will occur).
Cisco Confidential
57
Cisco Confidential
58
Endpoint Purging
Matching Conditions
Purge by:
# Days After Creation
# Days Inactive
Specified Date
On Demand Purge
2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
59
Questions ?
Thank You !