Cisco Network Security
Reduce security risk to data & applications and reduce IT costs, time, and difficulty.
Reduce security risk to data & applications and reduce IT costs, time, and difficulty.
DISA STIG-ID NET-NAC-009 mandates the “Network Switch must be configured to use 802.1x Authentication on Host Facing Access Switch Ports.” For many current enclaves, this is simply not the case. In the past, this threat was downgraded from a CAT I to a CAT III vulnerability by the implementation of static MAC filter on the access ports, commonly known as “Sticky MAC” or “Port Security”.
The biggest problem with this workaround, beside the fact that this problem isn’t fully mitigated, is that static MAC filtering is a manual process and is very labor intensive. With the continued decline in forces and manpower in work areas, the increased workload this creates often negatively impacts work center performance and the mission.
LCA Networks has developed a turn-key solution to satisfy this DISA STIG-ID Requirement using the Cisco Identity Services Engine (ISE) that we have successfully deployed at over 25 DoD Bases supporting over 300,000 network attached devices. Our Cisco ISE solution will reduce security risk to data & applications and reduce IT costs, time, and difficulty. The LCA Networks solution includes all Cisco ISE Products and our Cisco Security Certified Professional Services to successfully implement Cisco ISE solution to meet this DISA STIG requirement.
• Consistent enforcement of context-based policies across wired, wireless, and remote networks System-wide visibility showing IT who and what is on the network
• Integrated authentication, authorization, and accounting (AAA), profiling, posture, and guest services to simplify deployments and cut costs
• Accurate device identification with advanced profiling technology, using Cisco ISE-based probes, embedded device sensors, endpoint scanning, and device profile feed service
• Greater visibility & control of the endpoint with Mobile Device Management (MDM) solution integration
• Simplified and streamlined onboarding for guest access and BYOD through self-service registration
