I will design cisco software defined segmentation

About:

I offer Cisco Identity Services Engine platform deployment including Administration, Policy Service, pxGrid, and Monitoring nodes, not including endpoints and network devices.

TrustSec uses device and user data in the authentication process to classify packets by Security Groups (SG) when they enter a secure domain. Classification of packets is performed using tagging at the entrance to the CTS-network. This tag, called the Security Group Tag (SGT), allows the network to apply access control policies to the endpoints.

- Proven network infrastructure. After the first device authenticates with the authentication server (Cisco ISE), a TrustSec domain is created. Each next network device added to the domain authenticates with peers already in the domain. 
- Secure access control based on groups (Security Group Access, SGA). The access policies inside the TrustSec domain do not depend on the network topology, but are based on so-called roles (as indicated by the SG number) of the source device and the destination device.
- Secure connections. On devices with hardware encryption support all the packets on the links can be encrypted.

Reviews

:

:

:

:

: