Cisco Unveils pxGrid for Greater Network Security
With the pxGrid platform, Cisco is inviting security software developers to create applications for Cisco’s ISE management software.Cisco Systems officials are using the company’s Identity Services Engine as a cornerstone of an effort to enable third parties to develop applications to enhance security and context awareness in data center networks. The networking giant is creating a framework called the Platform Exchange Grid (pxGrid), through which developers can create security applications for the Identity Services Engine (ISE). These applications will bring new capabilities to the ISE that will enable the sharing of information about devices on a Cisco network—such as the type of device and how it is accessing the network—and the creation of policies for how to manage and secure these devices. The pxGrid will enable Cisco’s Security Technology Partner Ecosystem, which is targeted at improving network security by leveraging third-party capabilities in ISE to create greater identity and device context and a unified point of network policy. It’s a way of ensuring that all points along the network have the necessary data to identify and manage the devices in the network, and to develop remediation policies in case a threat arises, and to use ISE as the foundation of the effort. Cisco’s ISE is designed to give organizations greater control and information regarding the devices connecting into the network, and to develop security policies around that data. Such capabilities are increasingly important at a time when employees, through bring–your-own-device (BYOD) efforts, are using smartphones, tablets, notebooks and other systems to access the network, and when the Internet of Things promises more network connections not only from people but also from machines and sensors.
"Until now, SIEM [security information and event management] threat defense systems have lacked a complete picture of mobility and BYOD security risks, but with our new ecosystem they can use ISE network telemetry to correlate user, device and policy context with their traditional threat defense data sets,” Dave Frampton, vice president and general manager of Cisco’s Secure Access and Mobility Product Group, said in a statement. “In addition to identifying new categories of possible threats on the network, they can now also target suspicious mobile devices and start creating device- or user- or group-specific analytics for additional scrutiny.”