Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPS and anti-virus

Does the IPS prevent viruses? So we do not require anti-virus on endpoints?

Thanks

Hilary

4 REPLIES
Cisco Employee

IPS and anti-virus

Hi,

Cisco does not longer provide end-point protection (CSA) you can talk with your account team for a replacement product. In regards to the IPS part of the question; the IPS can stop some of the consequences of a virus (attack) using anomally detection and signatures but the root cause will remain on the PC; so you still need end point protection.

HTH

Luis Silva

"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"

http://www.cisco.com/web/partners/tools/pdihd.html

Luis Silva "If you need PDI (Planning, Design, Implement) assistance feel free to reach us" http://www.cisco.com/web/partners/tools/pdihd.html
New Member

IPS and anti-virus

Thanks Luis

The problem we are trying to solve is as follows. If a user brings in laptop infected with a virus, we would like to restrict the spread of that virus to the local LAN segment. If we put an IPS at the perimeter/gateway of this LAN, can we prevent the spread of the virus to the global network? And can IPS identify the source (laptop) of the virus?

Regards

Hilary

Cisco Employee

IPS and anti-virus

Hilary,

This can be addressed by Cisco's BYOD (Bring Your Own Device) solution, so in this case ISE or NAC will be the way to go.

Regards,

Luis Silva

"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"

http://www.cisco.com/web/partners/tools/pdihd.html

Luis Silva "If you need PDI (Planning, Design, Implement) assistance feel free to reach us" http://www.cisco.com/web/partners/tools/pdihd.html
New Member

IPS and anti-virus

Hi Hilary,

To add on ISE, the Cisco ISE supports posture assessment of clients. Posture assessment allows inspecting security “health” of the PC and MAC clients. This includes checking for installation, running state, and last update for security software, such as anti-virus, anti-malware, personal firewall. It also ensures the operating systems are patched appropriately.

In addition, ISE posture policies can check for additional custom attributes, like files, processes, registry settings, and applications. Taken together, these features provide ISE with the ability to determine the security “health” of a client that is trying to access your network. ISE uses posture policies to determine the access rights and remediation options that should be provided to clients.

1018
Views
0
Helpful
4
Replies