Design Cisco Software Defined Segmentation
$1,000
What you get with this Offer
I offer Cisco Identity Services Engine platform deployment including Administration, Policy Service, pxGrid, and Monitoring nodes, not including endpoints and network devices.
The Cisco TrustSec security framework allows you to build secure networks by establishing a domain of trusted network devices. Communication between devices in the domain is protected by encryption, integrity checking, and protection mechanisms against replayed data packets. TrustSec uses device and user data gathered during authentication to classify packets by Security Group (SG) when they enter the secure domain. Packets are classified by tagging them at the ingress to the Cisco TrustSec (CTS) network. This tag, called the Security Group Tag (SGT), allows the network to apply access control policies to the endpoints.
The TrustSec architecture is based on three key components:
- Authenticated network infrastructure. After the first device authenticates with the authentication server (Cisco ISE), a TrustSec domain is created. Each subsequent network device added to the domain authenticates with peers already in the domain. Each new device is identified by the authentication server and assigned a security group number in accordance with the policies configured on the server.
- Secure access control based on groups (Security Group Access, SGA). Access policies inside the TrustSec domain do not depend on the network topology; they are based on the roles (as indicated by the SG number) of the source device and the destination device. All packets passing between two devices on the network are tagged with the source SG number.
- Secure connections. On devices with hardware encryption support, all the packets on the links can be encrypted.
What the Freelancer needs to start the work
Cisco service contract number, logins to hardware and software for installation and customization.