Cisco TrustSec

Prepare for Personal Devices

Viewing this video requires the latest version of Adobe Flash Player with JavaScript enabled.

Get the Flash Player

Help Ensure Secure Access

Viewing this video requires the latest version of Adobe Flash Player with JavaScript enabled.

Get the Flash Player

Fundamentals of TrustSec

Viewing this video requires the latest version of Adobe Flash Player with JavaScript enabled.

Get the Flash Player

Aaron Woland
Technical Marketing Engineer

"We wrote this design guide with implementation in mind; you can follow it from beginning to end and have a working solution when you're finished."

View Design Guide

More Effective, Highly Secure Access

Cisco TrustSec is an intelligent and scalable access control solution that mitigates security access risks across the entire network.

It builds upon existing identity-aware infrastructure while helping to ensure complete data confidentiality between network devices. It efficiently integrates security access services on one platform, Cisco Identity Services Engine.

TrustSec Advantages

Allows a growing mobile and complex workforce appropriate access from any device.
Minimizes security risks by providing visibility of who and what is connecting to the wired or wireless network
Offers control over where and what network users do - from physical to cloud-based IT resources
Reduces total cost of ownership through centralized, highly secure access policy management and scalable enforcement mechanisms with your existing network infrastructure

Cisco TrustSec integrates with the CiscoSecureX architecture to allow the Cisco security portfolio to use network-based identity context for full context-aware firewalling and policy enforcement.

Cisco TrustSec also provides personalized, professional services to simplify solution deployment and management.

Cisco TrustSec Products

Infrastructure Integrated Mode (802.1X)

Policy and services:

Cisco Identity Services Engine or Cisco Secure Access Control System.
Integrated profiler, posture, and guest services are available on the Identity Services Engine

Networking infrastructure for authentication and enforcement:

Cisco TrustSec Network Identity on Cisco switches - identity-based networking services
Cisco access and aggregation switches
Catalyst 2960
Catalyst 3560/3750
Catalyst 4500 Series
Catalyst 6500 Series
Cisco Nexus switches - Cisco Nexus 7000 Series
Cisco Wireless LAN Controller - Cisco WLC
Client - Cisco AnyConnect

Overlay Mode (NAC)

Cisco NAC Appliance

Cisco TrustSec Functions

Context-aware user and device authentication and authorization
Device posture assessment
Centralized access policy with distributed enforcement
Nonauthenticating device discovery and profiling
Guest-user access and lifecycle management
Data integrity and confidentiality
Monitoring, management, and troubleshooting

Learn More

On the Cisco TrustSec Horizon

Future enhancements to Cisco TrustSec services will provide these context-enabled identity and access services for the new borderless network infrastructure:

Expanded user and network-device support for policy enforcement
Context-based firewall support
Expanded management
Real-time security intelligence feeds from Cisco
Partner ecosystem

Choose the Right Approach

Your Needs	Your Solution
Do you need to ensure that your endpoints are healthy and meet policy?	Cisco NAC Appliance (NAC) and 802.1X with Identity Service Engine (ISE)
Do you need to provide access to a non Cisco or heterogeneous infrastructure?	NAC
Do you have or plan to implement 802.1X?	802.1X with ISE
Do you use or plan to use a service-enabled infrastructure?	802.1X with ISE
Do you need guest-access services?	NAC and 802.1X with ISE
Do you need to discover and authenticate nonuser devices such as printers, IP phones, video cameras, and so on?	NAC and 802.1X with ISE