Providing wireless access to your guests is like opening your back door because you want to make your house more accessible.
Let me tell you a story: We had a client who was absolutely convinced they were secure. Their intrusion prevention and malware protection was running perfectly, they had a brand new Internet-edge security solution, and they felt confident they were impenetrable. So we walked into their lobby, plugged in an open network jack and scanned their entire system in less than ten minutes.
There’s a difference between armoring yourself from external threats and defending yourself from within.
You know the story of the famous Target infiltration that was incepted through an innocent HVAC vendor with access to the system. Your employees and guests are no different; they are all susceptible to the disease of infiltration, and when they log into your system, so are you.
Most clients install an external shield first, because the assumption is that most of the threats are out there, in the ungoverned maelstrom called the Internet. It’s a great first line of defense, but it is a grave mistake to stop there.
Cisco ISE segments your users and devices according to your rules. Guests get a temporary password, sign on through the portal and have everything they need to be happy but get zero access to your true network. After a few hours, or when they leave your location, their access is turned off. BYOD portals allow easy access to Wi-Fi and nothing else. Your corporate users are scanned, cleaned, and automatically redirected to a compliance portal with necessary links.
You know who’s on your network, if they should be there, know the computer that’s misbehaving and can shut it down remotely. ISE provides dashboards to make sure you’re up-to-date on realtime connections, successes, failures or policies, and monitor all active connections based on computer name and IP address so you can track down the problem without getting out of your chair.
Best of all, ISE integrates easily with Cisco systems such as FirePOWER and Stealthwatch and is a simple-to-start system ready to go right out of the box. All you have to do is tune it to your environment and security devices.
What you will discover about your systems once you integrate Cisco ISE? Maybe when Bobbi Sue rearranges her office and plugs the printer into where her PC should have been, ISE will make the necessary network changes for you. Maybe you will simply keep untrusted devices off your network. Maybe you’ll discover someone across the street has been stealing your wireless.
And maybe, like one of our clients, you’ll discover the computer in the closet that was never properly patched and has been running malware in your system for years.
Once you’ve got your ISE armor, you’ll wonder why you ever did it any other way.
Matrix Integration specializes in information technology solutions for businesses including IT consulting, security, communications, networking, implementation, wireless, data centers, staff augmentation, managed services, remote monitoring and disaster recovery.