Académique Documents
Professionnel Documents
Culture Documents
February 2010
Announcing
Cisco TrustSec
An industry-leading solution enforcing access and policy in the secure borderless network
C97-576464-00
Cisco Confidential
Market Opportunity
A recent Gartner survey indicates that 50% of enterprises plan to implement 802.1X in their wired networks by 2011.
Presentation_ID
Cisco Confidential
C97-576464-00
C97-576464-00
Cisco Confidential
Group:
Full-Time Employee
Group:
Contractor
+
Posture Location Access Type
Group:
C97-576464-00
Cisco Confidential
NEW
Infrastructure Components
ACS 5.1
ACS 5.1 NAC Manager NAC Server
NAC Profiler
Profiles unmanaged devices and applies policy based on device type
NAC Guest
Full-featured guest provisioning server
Policy/Security Components
Access Policy System for 802.1X termination and identity-based access control
Centralized management, Posture, services, configuration, reporting, and enforcement and policy store
Endpoint Components
802.1X Supplicant
802.1X supplicant via CSSC or native supplicant
NAC Agent
No-cost client for device-based scans
C97-576464-00
Cisco Confidential
VLAN is good, but let's also add "restricted access using dynamic ACL" (VLAN doesn't work for all customers)
TrustSec Capabilities
in the Secure Borderless Network Enhanced Switch Features
More authentication options: FlexAuth, WebAuth Additional deployment capabilities: Open Mode, IP Telephony
Cisco Guest and Profiler: Lower the cost of managing identity and policy
in both a .1X and appliance environment
MACsec:
C97-576464-00
Addresses compliance by providing an encrypted link from the Catalyst 3750-X, 3560-X, and Nexus 7000 to the endpoint
2010 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Portfolio
ACS & SWITCHES ACS & SWITCHES
1
ACS & SWITCHES
(INFRASTRUCTURE) Upgrade legacy switches Sell/Upgrade ACS Sell CSSC
2
NAC
(APPLIANCE) Sell NAC Server
NAC NAC
Note Guest Server and Profiler can be deployed with both NAC and ACS
C97-576464-00
Cisco Confidential
C97-576464-00
Cisco Confidential
10
2K 3K 4K 6K
C97-576464-00
Cisco Confidential
11
C97-576464-00
Cisco Confidential
12
All technologies provided by the proven leader in Network Admission Control Cisco
C97-576464-00
Cisco Confidential
13
Network discovery
Migration services Implementation services
C97-576464-00
Cisco Confidential
14
Sales Tactics
Low-hanging fruit
Enterprise (500+ users)
Security-conscious Regulatory compliance Internal mandates for 802.1X
C97-576464-00
Cisco Confidential
15
Sales Process
Assessment
Proof of Concept
Deployment
Tools Available:
Sales and technical presentations Infrastructure assessment guidelines Configuration guides for POCs Design and deployment guides
C97-576464-00
Cisco Confidential
16
17
Monitor Mode
Gathers information Critical to deploying network-based about device/user identity without locking out users or access without adverse devices impact
Same infrastructure for wired and wireless guest access same premiere user experience
C97-576464-00
Cisco Confidential
18
Switch Migration:
50 Catalyst 6500 Series 50 Catalyst 3750 Series 2000 Catalyst 2960 Series
Switch Migration:
15 Catalyst 6500 Series 50 Catalyst 3750 Series 125 Catalyst 4500E Series
Attached Security:
14 Access Control Systems 3 Profilers (each up to 40,000 MAC addresses) 3 Guest Servers
C97-576464-00
Attached Security:
5 Access Control Systems 1 Profiler
$24M*
2010 Cisco Systems, Inc. All rights reserved. Cisco Confidential
1 Guest Server
* Based on list prices
$7M*
19
Case Study
University of Montreal
Background
One of the top 100 universities in the world, with 55,000 students and an annual research budget of CAD$450 million
Business Challenges
Support collaboration between research groups Differentiated access for students, researchers and faculties
Our new network is more secure, and we can do a better job by giving more specialized service to people.
Michel L'Heureux Director of Telecommunications Universit de Montral
20
Next Steps
Resources
TrustSec Business Presentation NEW! TrustSec Technical Presentation NEW! TrustSec At-A-Glance NEW! TrustSec Quick Reference Card NEW!
Web Sites
Cisco Secure Borderless Networks, Cisco TrustSec, Cisco AnyConnect Secure Mobility internal Launch page http://wwwin.cisco.com/marketing/b orderless/security.shtml Partner Central Secure Borderless Networks Launch page www.cisco.com/go/sbn Cisco TrustSec external page www.cisco.com/go/trustsec
C97-576464-00 2010 Cisco Systems, Inc. All rights reserved. Cisco Confidential
21