The Need for Policy-Based Security
Complex security technologies
are necessary to protect highly available mission critical networks from
corruption and intrusion. Of particular interest in the past few years is
protecting geographically dispersed enterprise networks, which use a
combination of public and private WAN lines to connect remote and branch
offices to major centers. Intranets, extranets, Internet connections, WANs, and
LANs each have unique security requirements. Many companies wish to extend
their mission-critical applications to remote offices by way of an intranet, or
communicate directly with industry partners, suppliers, and key customers
through extranets. These technologies enable organizations to securely conduct
business in today's open environments.
Yet with all the advanced
capabilities of today's applications, it is surprising to find that the
task of securing the complex networks that support them is still done by hand.
Administrators often use detailed command line interfaces (CLIs) to configure
network devices one at a time across distributed enterprises. What's more,
when policies change, implementation takes time.
Scaling Networks and
Maintaining Security
In very large networks, scalability issues can
make security deployment quite expensive and can lead to misconfigured systems
and inconsistent policy enforcement. No centralized, coordinated mechanism
exists to implement a consistent policy throughout the network, verify that it
is installed and functioning properly, change it easily as required, or detect
attacks, mistakes, and misuse within the network.
Cisco Policy
Management Solution
Cisco believes that administrators should be able
to define, deploy, and enforce a security policy without requiring network
administrators to work one-by-one across dozens, perhaps hundreds or thousands,
of devices. The Cisco Policy Management Solution provides end to end security
policy management by placing a layer of intelligence between the administrator
and the network itself. This layer provides translation between the intuitive
policies developed to support business processes and implementation of those
policies in network devices.
The Cisco Policy Management Solution
provides sophisticated tools that can analyze, interpret, configure, and
monitor the state of security policy, with browser based user interfaces.
Examples of the Cisco Policy Management solution are:
Cisco VPN Solution Center Software
CiscoWorks VPN/Security Management Solution
Cisco Secure User Registration Tool