April 4th, 2018

Complete Network Refresh With Best-in-Breed Access Control

Overview

 

As part of a large federal subagency, this client had ongoing security concerns that made a high-quality access control solution critically important. This organization conducts telecommunications research and provides engineering support for federal agencies, state and local governments and private enterprises focused on public safety. This client also provides infrastructure research and support to promote better interoperability between various public safety communications platforms.

Given the public safety implications of this client’s data, establishing and maintaining strict access controls was critical. Should an unauthorized user gain access to the network, they would have access to public safety data and intellectual property, potentially at great costs to the federal government and United States citizens.

Until recently, any user who entered the client’s headquarters could gain network access simply by plugging into an available wall-jack— hardly ideal for an agency with such sensitive data to protect. And so, while the decision to overhaul their network stemmed from a need to replace end of-life hardware, increase scalability and connect more users, this client also recognized the need for stricter, more secure access control.

 

The Solution: Cisco ISE

 

With a network refresh already underway using Cisco technology, Force 3’s team recommended deploying Cisco ISE across the network for wired, wireless and VPN devices.

Two engineers worked onsite for several weeks to ensure that the new network supported all of the advanced functions the client wanted to introduce, with an implementation process that included:

  • • Making environment-wide changes
  • • Configuring network access devices
  • • Creating certificate templates
  • • Performing endpoint configurations
  • • Ensuring scalability for the necessary number of users and
    devices
  • • Testing for failure resistance, redundancy and availability
  • • Ensuring the appropriate client and software choices
  • • Security posture assessment and profiling to ensure any
    devices connecting to the network had up-to-date software/
    anti-virus and appropriate permissions

Because organization-wide adoption is critical to a solution’s success, Force 3 also collaborated with the client to establish the proper training and resources to ensure the organization continues using and benefiting from Cisco ISE. That includes providing ongoing support and education to help the client use this solution to its fullest capabilities.

 

The Outcome

 

Because the client was already undergoing a network refresh with Cisco technology, ISE offered an easy integration. With Cisco ISE, Force 3 provided multiple functionalities for device authentication, network administrators and certificate authentication, all from one platform and with centralized management capabilities (i.e., a single pane of glass). Further still, through ongoing support and collaboration, the client’s IT team can continue maximizing its use and adoption of Cisco ISE and all the benefits it offers.

Ultimately, the client can move forward with a new, leading-edge network infrastructure, made and kept secure with a range of Cisco security products—including better access control with Cisco ISE.

 

DOWNLOAD USE CASE

 


Want to see ISE in action?

Provide consistent, efficient, secure network access with a free demo
of Cisco Identity Services Engine (ISE). Learn More.