The Defense Information Systems Agency (DISA) plays a crucial role in ensuring that the U.S. Department of Defense (DoD) has the necessary information technology and communications support to carry out its mission. One of DISA’s key initiatives, Comply-to-Connect (C2C), is a vital framework that enhances network security. In this blog post, we will delve into how DISA’s C2C approach is transformative, with simplified compliance and a centralized platform, utilizing Cisco’s Identity Services Engine (ISE) to automate the discovery of endpoints.
If it’s connected, it’s protected
As Cisco’s Area Leader for Cybersecurity supporting United States National Security entities and the DoD, I have the privilege of witnessing an evolution in how our government is securing its most critical information assets. I also have the distinct honor of still wearing the uniform, serving as a Lieutenant Colonel with the Army National Guard. In my military role, I serve as my Commander’s G6, or Chief Information Officer, overseeing all aspects of mission-critical information, from dissemination to transport to storage and everything in between.
Why Cisco ISE is critical
DISA’s Comply-to-Connect approach aims to reduce vulnerabilities and enhance the resilience of the DoD’s information network against increasingly sophisticated cyber threats. Cisco ISE plays a crucial role in achieving this goal. It is the industry’s most widely adopted and awarded network access and control (NAC) solution, offering the creation and enforcement of security and access policies for endpoint devices connected to the agencies’ networks. ISE can be deployed in the cloud as well, packed with the same enhancements as the on-premises version.
Cisco ISE is an essential component in implementing DISA’s C2C approach. For Cisco’s Federal Customers, Cisco ISE offers a platform approach to securing access that is integrated seamlessly into the network.
How Cisco ISE enhances DISA’s Comply-to-Connect mandate
With Cisco ISE, our National Security & Defense teams are enhancing DoD network management and security strategies by closing gaps in device visibility. Cisco ISE assists the Department of Defense in various ways:
- Device Profiling: Identifying and profiling devices accessing the network.
- Policy Enforcement: Automating the enforcement of security policies.
- Threat Containment: Quickly containing threats detected on the network.
- Continuous Monitoring: Ensuring devices remain compliant with security updates.
- Scalability: Scaling to accommodate large, diverse networks.
Meeting DoD Zero Trust mandates
Cisco ISE with Comply-to-Connect aids mission-focused stakeholders in meeting the DoD’s zero-trust strategy by serving as the ideal Zero Trust policy decision point. It uses adaptive policies to verify trust continuously and respond to changes in trust for resilient incident response.
Cisco ISE simplifies the transition to zero-trust access, as outlined in the DoD Zero Trust Strategy document, by integrating seamlessly into existing environments, especially for complex networks like the DoD.
Conclusion
Cisco Security solutions, including Cisco ISE integrated with DISA’s Comply-to-Connect approach, provide a robust solution for managing network access and enhancing cybersecurity for our National Security and Defense. By ensuring devices comply with security updates before accessing the network, Cisco Security enhances the resilience of DISA’s information network against cyber threats.
Next steps for Comply-to-Connect success
Reference
[1] DoD Zero Trust Strategy (October 2022) – PDF