Design Cisco Software Defined Segmentation

Delivery in
7 days

  • Views 73
  • 1
  • 1

What you get with this Hourlie

I offer Cisco Identity Services Engine platform deployment including Administration, Policy Service, pxGrid, and Monitoring nodes, not including endpoints and network devices.

Cisco TrustSec security framework allows you to build secure networks by installing a domain from trusted network devices. The communication between devices in the domain is protected by encryption, integrity checking, and protection mechanisms against repetitive data packets. TrustSec uses device and user data in the authentication process to classify packets by Security Groups (SG) when they enter a secure domain. Classification of packets is performed using tagging at the entrance to the CTS-network. This tag, called the Security Group Tag (SGT), allows the network to apply access control policies to the endpoints.
The TrustSec architecture is based on three key components:
- Proven network infrastructure. After the first device authenticates with the authentication server (Cisco ISE), a TrustSec domain is created. Each next network device added to the domain authenticates with peers already in the domain. Such a new device to be added is identified by the authentication server and assigned a security group number in accordance with the policies configured on the server.
- Secure access control based on groups (Security Group Access, SGA). The access policies inside the TrustSec domain do not depend on the network topology, but are based on so-called roles (as indicated by the SG number) of the source device and the destination device. All packets passing between two devices on the network are tagged with the source SG number.
- Secure connections. On devices with hardware encryption support, all the packets on the links can be encrypted.

What the Seller needs to start the work

Cisco service contract number, logins to hardware and software for installation and customization.