By Matt MacKinnon, Senior Director of Technical Alliances
Armis brings agentless visibility and threat detection capabilities to Cisco ISE for unmanaged and IoT devices.
Just beyond the reach of traditional enterprise security products are unmanaged and IoT devices you can’t see. These devices have multiple wired and wireless means of connectivity, creating a vast, vulnerable attack surface. This untenable situation requires a new way of thinking about how to discover and analyze every device on or even near your network to protect it from a new and growing breed of attacks.
Today, Armis joins the Cisco Security Technical Alliances (CSTA) Program to help organizations extend the value of their investments in Cisco ISE. The Armis agentless security platform discovers and analyzes every device in your environment, on and off your network, to protect you from exploits and attacks. The Cisco® Identity Services Engine (ISE) enforces role-based access control and uses device insights from Armis for finer-grained, more accurate network policies.
Together, Armis and Cisco provide more complete visibility and control over every device in your environment.
Visibility and Control for Every Device in Your Environment
Unmanaged devices are ubiquitous in enterprise environments. These include smart TVs, digital assistants like Amazon Echo, smartphones and tablets, IP cameras, connected thermostats, and more. Although these devices help people achieve greater productivity, they can be compromised and attacked, putting your organization at risk.
You can’t protect these devices with security agents, existing EDR products are not designed to monitor them, and they typically have far more vulnerabilities than managed computers because they have old, unpatched operating systems.
Without sensors or agents, the Armis platform discovers virtually every device, analyzes its behavior for anomalies, and classifies it by type automatically. This includes devices using Wi-Fi, Bluetooth, and other peer-to-peer IoT protocols that your existing security products can’t recognize. Using advanced passive listening technologies, Armis detects vulnerabilities, risks, and attacks in your environment that otherwise would be invisible to you.
Intelligent and Dynamic Network Access Policies
Armis uses Cisco pxGrid and its ISE Profiler API to share device classification information and other details with Cisco ISE, allowing ISE to enforce fine-grained network access policies. Armis can also provide Cisco ISE with real-time knowledge of risks and threats, based on our proprietary knowledge base of the expected behavior of millions of different types of unmanaged devices.
This integration helps make your network access control policies more intelligent for unmanaged and IoT devices – a capability Cisco ISE alone can’t offer. That enables your organization to enforce network access policies dynamically based on device behavior and risk score. Moreover, it allows Cisco ISE to isolate compromised devices to protect organizations from data leakage.