ISE’s Easy Connect Lives Up to its Name, but is it Right for You?

Take note: Mobility spending is expected to total $1.57 trillion worldwide this year, with growth projected through at least 2020, according to research by IDC. That figure covers hardware, software, and associated services. Considering the value mobile workforces bring to businesses, this investment does make sense. However, from IT’s perspective, it presents certain challenges.

Organizations with leaky endpoint security are leaving a door open for cybercriminals. As mobility and BYOD initiatives increase the number of endpoints within an organization, it makes for even more doors for IT to worry about. This likely helped propel endpoint security to the top spot among must-implement security initiatives in a recent Computer Weekly study of CIOs.

Businesses relying on a solution such as Cisco’s Identity Services Engine (ISE) already have greater awareness of the devices and endpoints accessing their networks. ISE, for example, considers factors such as user identity, location, device type, device health, and more and assigns access clearances based on that contextual data. ISE already brings much-needed simplicity to access management through its automation features, however, there is a way to take this a step further, with a capability only in the most recent versions of Cisco ISE.

A practical look at the value of Easy Connect

This feature is called Easy Connect and it streamlines network access without infringing upon IT’s ability to supervise connections and maintain the integrity of the business network. With Easy Connect, IT won’t have to worry about installing security or access clients on the endpoints themselves. At least not for any Windows-based endpoints. Instead, Easy Connect has an alternative method for authenticating devices attempting to log in to a business’s network.

Let’s take a closer look at how this works by exploring what happens when a user attempts to log in to a system backed by Easy Connect and ISE. When a client initially connects to a network, ISE can minimize what it touches, limiting the client to the essentials, such as the AD domain. Once that client logs in to an AD domain, that’s when Easy Connect comes into the equation. Easy Connect pulls permissions for that user identity from the person’s AD profile and grants new access to him or her mid-session. This process is hands-free, occurs in real time, and, when it’s complete, the device will appear in ISE complete with the appropriate context.

With Easy Connect, businesses can leverage an access solution that, while not as robust alternatives such as 801.x, can still be counted on to keep their network out of harm’s way. When compared to other options, it offers an ease of use and a flexibility that makes it worthy of a place in a business’s security strategy.

Learn more about securing your business’s endpoints

Easy Connect made its debut in ISE 2.1 and it’s also included in the latest version, 2.2. Are you using an older version of ISE and would like to upgrade to a more modern version to take advantage of Easy Connect? Or are you new to ISE and want to learn more about it? Our Cisco Practice can take you through ISE, Easy Connect, and more to show you what these capabilities can do for your organization. Visit https://www.arrayasolutions.com//contact-us/ to get the conversation started.

Another way to learn more about ISE in general? Join us at our 3^rd Annual Arraya Solutions Technology Summit on June 8, 2017 in King of Prussia, PA. This free event features a full day of learning opportunities presented by the members of our technical team, covering the challenges and solutions most relevant to today’s IT professional. Included in the agenda is Clearing Up Access Mysteries and Defending Your Network with Cisco’s ISE. This session will cover the benefits of ISE and the architectural considerations needed to achieve full value from it. To register for the Tech Summit, head to: http://arraya.info/techsummit.

You can leave us a comment on this post by visiting us on social media: LinkedIn, Twitter, or Facebook.