Guest blogger is our partner Chris Ceppi, CEO and Co-founder, ID/IP
Take this scenario: You normally sign on with your password from a company-issued MacBook Pro in San Francisco, but today a user has entered your credentials from a Windows machine in Estonia. Is it really you in Estonia? Your identity management system is sure that it is you. Your valid password has been used. The network security layer has its doubts. What happens next?
At ID/IP we've been obsessed with this question because it's our company mission to develop digital security solutions for businesses in this on-the-go world.
The best outcome in the above scenario is to integrate the identity management layer with the network security layer to develop a comprehensive, real-time view of the user and their device. If everything checks out, give the user seamless access. If anything looks sketchy, deny access or request an additional form of authentication.
Our challenge has been that the integration required to deliver this best outcome has been blocked because network security and identity management traditionally exist in parallel, but walled off, universes.
Enter the new pxGrid API from Cisco Systems. pxGrid is shorthand for Platform Exchange Grid and it's a real game changer for Cloud Security. pxGrid is a common API layer that enables cross-platform, network-system collaboration. In plain words, pxGrid allows the network layer to talk to the identity layer.
At ID/IP we've developed on pxGrid to deliver the IoT Connector, an authentication solution that integrates Cisco Identity Services Engine (ISE) with PingFederate, a full-featured federation server, from Ping Identity. The IoT Connector queries pxGrid, retrieves device context for the end-user device, and matches device context with the credentials of an authenticated user. The result is a session based on a combination of user and device information. The IoT Connector enables real-time combination of Cisco ISE state of the art Device Profiling and Ping Identity state of the art Cloud Identity security--it is a powerful weapon in the battle against criminal hacking.
Security built on integrations that enable intelligence, policy, and authentication information to flow between network infrastructure and applications is inherently stronger. At ID/IP we're thrilled to innovate alongside industry heavyweights like Cisco and Ping Identity, the leader in Next-Gen Identity and access management offerings. This direct collaboration has allowed us to deliver a breakthrough integration that is changing the security landscape on the Internet.