Asimily Boosts Cisco ISE Integration with Enhanced Microsegmentation for IoT/OT Devices

Asimily Enhances Platform with New Microsegmentation Capabilities for Cisco ISE

INFORMATIONAL
January 17, 2026
IoT Security, Security Operations, Industrial Control Systems

Related Entities

Organizations

Asimily, Cisco

Other

KLAS Research

Full Report

Executive Summary

Asimily, a company specializing in cyber asset management for connected devices, has announced a significant enhancement to its platform's microsegmentation capabilities. The key development is the new native support for Security Group Access Control Lists (SGACL) within Cisco Identity Services Engine (ISE). This deepens the existing integration between the two products, enabling security teams to automatically translate the detailed device intelligence gathered by Asimily into enforceable, granular access policies in Cisco ISE. This move aims to help organizations, particularly in sectors like healthcare and manufacturing, to move from passive device visibility to active risk reduction by containing threats and preventing lateral movement across their diverse and growing fleets of IoT, OT, and IoMT devices.

Technical Overview

The integration between Asimily and Cisco ISE creates a powerful, automated workflow for network segmentation:

  1. Device Discovery and Profiling (Asimily): The Asimily platform discovers and inventories all connected devices on the network, including difficult-to-identify IoT and OT assets. It uses AI-driven analysis to classify each device (e.g., 'infusion pump,' 'HVAC controller'), understand its normal communication patterns, and assess its vulnerability and risk posture.
  2. Policy Recommendation (Asimily): Based on this rich context, Asimily recommends specific microsegmentation policies. For example, it might determine that an infusion pump only needs to communicate with a specific nurse station and a central management server on certain ports.
  3. Policy Enforcement (Cisco ISE): Through the new SGACL integration, these recommended policies are automatically translated and pushed to Cisco ISE. ISE then uses this information to assign the device to a specific Security Group Tag (SGT) and enforces the corresponding access control list (SGACL) across the network infrastructure (switches, routers, firewalls).

This closed-loop process ensures that security policies are not only based on deep device context but are also dynamically updated as the device's risk profile changes.

Impact Assessment

This enhanced integration provides several key benefits for organizations struggling with connected device security:

  • Automated Risk Reduction: It automates the difficult process of creating and maintaining network access rules for thousands of diverse devices, reducing the manual burden on security teams and minimizing the chance of human error.
  • Containment of Threats: By enforcing least-privilege network access, microsegmentation prevents an attacker who compromises a single vulnerable IoT device from moving laterally to attack other systems on the network. This is a critical defense against ransomware and other advanced threats. This directly supports MITRE ATT&CK Mitigation M1030 - Network Segmentation.
  • Improved Security for Unpatchable Devices: Many IoT and OT devices cannot be easily patched. Microsegmentation provides a vital compensating control by isolating these devices and limiting their exposure, even if they remain vulnerable.
  • Actionable Intelligence: The integration turns the 'visibility' provided by asset management into 'action' by directly linking device intelligence to enforceable security controls.

Affected Industries

This solution is particularly valuable for industries with a high proliferation of connected devices, including:

  • Healthcare: Securing Internet of Medical Things (IoMT) devices like infusion pumps, patient monitors, and MRI machines.
  • Manufacturing: Protecting Operational Technology (OT) and Industrial Control Systems (ICS) on the factory floor.
  • Critical Infrastructure: Securing IoT devices used in energy grids, water treatment facilities, and transportation systems.
  • Financial Services and Government: Managing the growing number of IoT devices within corporate and government facilities.

Timeline of Events

1. January 17, 2026: This article was published

MITRE ATT&CK Mitigations

The Asimily and Cisco ISE integration is a prime example of implementing dynamic network segmentation (microsegmentation) to contain threats.

By automatically generating and enforcing SGACLs, the solution enforces least-privilege access for IoT/OT devices at the network level.

D3FEND Defensive Countermeasures

The Asimily-Cisco ISE integration provides a powerful mechanism for achieving Network Isolation for IoT and OT devices. The tactical approach is to use Asimily to first baseline the normal behavior of all connected devices. For a set of infusion pumps in a hospital, Asimily will identify that they only communicate with a specific application server. This intelligence is then used to create a policy in ISE that places all infusion pumps into a specific Security Group. An SGACL is then applied to this group, explicitly allowing communication only to the application server and denying all other traffic. This effectively isolates the infusion pumps from the rest of the network, including other medical devices and the corporate IT network, preventing a compromise from spreading.

Asimily's platform is fundamentally built on Resource Access Pattern Analysis. It continuously monitors the network behavior of each connected device to build a deep understanding of its normal communication patterns. Security teams should leverage this capability not just for initial policy creation, but for ongoing threat detection. Set up alerts in Asimily for when a device deviates from its established baseline. For example, if an HVAC controller that normally only communicates with a building management system suddenly attempts to connect to an external IP address, this is a strong indicator of compromise. This behavioral analysis provides a dynamic layer of defense that can detect attacks even against zero-day vulnerabilities.
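The baseline-then-enforce approach from the two paragraphs above, as an added example (not Asimily or Cisco code, and the rule text is an abstract rendering, not ISE SGACL syntax). It derives a per-class allowlist from baselined flows and flags live flows that fall outside it. The flow records, device names, addresses, `INTERNAL_NETS` and severity labels are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: address space the site treats as internal.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample flows: (device_id, device_class, dst_ip, protocol, dst_port).
BASELINE_FLOWS = [
    ("pump-01", "infusion_pump", "10.20.0.5", "tcp", 443),
    ("pump-02", "infusion_pump", "10.20.0.5", "tcp", 443),
    ("hvac-01", "hvac_controller", "10.30.0.9", "udp", 47808),
]
LIVE_FLOWS = [
    ("pump-01", "infusion_pump", "10.20.0.5", "tcp", 443),       # matches baseline
    ("pump-02", "infusion_pump", "10.40.0.77", "tcp", 445),      # new internal peer
    ("hvac-01", "hvac_controller", "203.0.113.50", "tcp", 443),  # external destination
]

def build_allowlist(flows):
    """Per device class, collect the (dst, proto, port) tuples seen while baselining."""
    allow = defaultdict(set)
    for _dev, cls, dst, proto, port in flows:
        allow[cls].add((dst, proto, port))
    return dict(allow)

def render_policy(allow):
    """Abstract least-privilege rules: explicit permits, then a default deny per class."""
    lines = []
    for cls in sorted(allow):
        for dst, proto, port in sorted(allow[cls]):
            lines.append(f"{cls}: permit {proto} to {dst} port {port}")
        lines.append(f"{cls}: deny all other traffic")
    return lines

def find_deviations(allow, flows):
    """Return flows outside the class baseline; external destinations rank higher."""
    alerts = []
    for dev, cls, dst, proto, port in flows:
        if (dst, proto, port) in allow.get(cls, set()):
            continue
        addr = ipaddress.ip_address(dst)
        external = not any(addr in net for net in INTERNAL_NETS)
        alerts.append({"device": dev, "class": cls, "dst": dst, "proto": proto,
                       "port": port, "severity": "high" if external else "medium"})
    return alerts

if __name__ == "__main__":
    allowlist = build_allowlist(BASELINE_FLOWS)
    print("\n".join(render_policy(allowlist)))
    for alert in find_deviations(allowlist, LIVE_FLOWS):
        print(alert)
```

A device class with no baseline has an empty allowlist here, so every flow from it is reported.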

Article Author

Jason Gomes

• Cybersecurity Practitioner

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.

Threat Intelligence & Analysis, Security Orchestration (SOAR/XSOAR), Incident Response & Digital Forensics, Security Operations Center (SOC), SIEM & Security Analytics, Cyber Fusion & Threat Sharing, Security Automation & Integration, Managed Detection & Response (MDR)

Tags

Asimily, Cisco ISE, Microsegmentation, IoT Security, OT Security, IoMT, Network Access Control
