Xerox, Trellix and Cisco®: The Cybersecurity Collaborative Effect
Time is everything in cybersecurity. The best responses neutralise threats at their source the moment they occur. By augmenting our security technologies with the market-leading Trellix DXL and Cisco® pxGrid platforms, Xerox® multifunction printers (MFPs)* help you do just that.
Lets get to it.
Scenario 1: No Threats Detected
Trellix Embedded Control protects Xerox MFPs* with whitelisting technology.
Authorised users can use Xerox® MFPs* to work on approved tasks.
Files and software comply with security policies.
When the Xerox® MFP* detects a potential threat, Trellix® Embedded Control whitelisting technology prevents the attack, logs the event and sends an email to the printer's administrator.
Next, the MFP* sends a threat event to Trellix® ePolicy Orchestrator (ePO).
Trellix® ePO Automatic Response is triggered for the Data Exchange Layer (DXL) client to communicate to Cisco's Identity Services Engine (ISE) pxGrid node.
Trellix® ePO transmits the event over the Trellix® DXL/Cisco® pxGrid framework. Cisco® ISE receives the communication.
Cisco® Authentication Service removes the affected MFP* from the network until the extent of the threat is evaluated.
Reallocate security resources where they’re needed most.
Trellix ePolicy Orchestrator (ePO) and Cisco® Identity Services Engine (ISE) maintain continuous contact over the Trellix DXL/Cisco® pxGrid framework.
As a result, the Cisco® Policy Database recognises Xerox® printers are protected by Trellix and designates them as trusted endpoints.
This allows security professionals to focus their resources on less secure endpoints.
The following enablers are required for an automated response to cyberthreats:
Xerox® MFP* that has Trellix Agent & Embedded Control
Trellix DXL Brokers configured to bridge to Cisco® pxGrid
Bidirectional communication between fabrics
Session notifications and ISE-related services
Adaptive Network Control (ANC) messages and related notifications
New Automatic Response within ePO that invokes ANC/EPS services (quarantine, etc.)
pxGrid messages and services available to OpenDXL clients
OpenDXL Cisco® pxGrid Python Client
*Xerox® ConnectKey® i-Series Multifunction Printers, Xerox® WorkCentre® EC7836/7856 Color Multifunction Printers and Xerox® AltaLink® Multifunction Printers
* Trellix was formerly known as McAfee