Cisco Systems has unveiled its distributed SecureX architecture, which enables "context aware" security enforcement regardless of infrastructure environment. A key element is inclusion of client information through Cisco's TrustSec technologies, which enable the transport and reading of context about user, device identity and role, to create and enforce granular policy. The announcement is being made at the RSA Conference.
"TrustSec tagging metadata provides contextual information that any firewall, switch or router can read," says Tom Gillis, VP and general manager for the Cisco Security Technology Business Unit. "Cisco draws context information from directories, Security Intelligence Operations [Cisco's threat assessment cloud service], authentication information from clients, NAC products, and brings it all together."
- A context aware policy language, introduced to manage enforcement, that is designed to be simple, defining policy in business terms;
- Cisco AnyConnect VPN technology, which provides secure access from any device, including smartphone, PC or tablet; and
- Virtual and cloud platforms that attach to Cisco virtual data center switching
"We go with a cautious approach," says Kevin DePeugh, executive director, assessment and response services, at Kaiser Permanente. "Our health care professionals want mobile devices; they can give care more efficiently, but we have to be careful about what we allow on network."
"There's a lot of pressure from our internal entrepreneurial group to be cool and sexy with dealers," says Andre Gold, head of technology operations and security at AutoTrader. "We identify use cases for employees rather than an approach of 'thou shalt not have personal devices.'"