Without agents, Armis discovers all devices on your network and in your airspace, including devices that Cisco ISE can’t see such as those that communicate via common IoT protocols. Armis creates a comprehensive inventory that includes device manufacturer, model, location, operating system, installed applications, connections made over time, and a unique risk score that Armis generates for each device. This complements the inventory that Cisco ISE provides for devices on your network, and it gives your security team additional information they they can use to proactively reduce your organization’s attack surface.
Armis is able to tell Cisco ISE whenever a device on your network has become a threat. Armis continuously monitors the behavior of every device on your network and in your airspace for behavioral anomalies that indicate that the device has been compromised. This behavioral analysis is performed by Armis’ Threat Detection Engine which compares the real-time behavior of each device with:
When Armis detects a threat on your network, Armis informs Cisco ISE which can then automatically quarantine the suspicious or malicious device to neutralize the threat. Through this integration, Armis lets you and your team: