Cisco and Infoblox Talk to Each Other to Make Security Stronger
Can we talk? No. Too often, that’s the answer when it comes to networking and security solutions sharing information with each other. Imagine a ship where a crew member spots a leak and doesn’t tell anyone. You don’t want to be the skipper on such a ship of fools.
Cisco is breaking down these barriers with enhancements, announced today, to its Cisco Identity Services Engine (ISE) and the Cisco Platform Exchange Grid (pxGrid) protocol. These enhancements make it easier for vendors to connect and share information with Cisco and even among each other.
Infoblox is proud to be the first provider of enterprise-grade DNS, DCHP and IP address management (DDI) solutions to support bi-directional data exchange with ISE (www.infoblox.com/cisco-ise).
So what does this mean? Let’s say you’re using Infoblox DDI to control your network. The network team detects a PC on the network sending data far in excess of what is normal. Through the Cisco pxGrid integration, Infoblox can automatically discover the user identity of the PC’s owner from Cisco ISE. This makes it far easier for the network team to locate the device and remediate any security threats.
The integration works both ways. Let’s say an employee has picked up malware on his laptop while working off-site in a coffee shop, then returns to the office and logs in. The malware attempts to connect with its command-and-control server and is caught by another vendor’s security system. That system, if it subscribes via pxGrid to data published by Infoblox, will have access to information on the infected device including location and type, as well as DHCP lease state and time. Armed with this additional context, the security response team can make a better and faster assessment of both the risk and the appropriate response.
Users of Infoblox Internal DNS Security and Infoblox DNS Firewall can also send “early warning” of compromised devices to ISE and security integration partners through pxGrid. When Infoblox Internal DNS Security or Infoblox DNS Firewall detect attempts by a device to connect to a known malicious domain, for example, that information can be sent through Cisco ISE into the organization’s security architecture for immediate and automated containment – avoiding the delays and confusion that come when human involvement is required up front.
The Infoblox integration even supports Cisco TrustSec. When Infoblox Internal DNS Security or Infoblox DNS Firewall signals ISE about a device seeking to access a malicious site, ISE can modify the device’s assigned TrustSec tag to prevent the device from accessing critical data center assets. TrustSec tag information is also sent from ISE to Infoblox, making it easier for network teams to understand and troubleshoot TrustSec-enabled networks.
These aren’t the only benefits. Learn more by visiting www.infoblox.com/cisco-ise. Can we talk? Through our integration with Cisco ISE, the answer is most definitely yes.