This guide was developed by TBL Network’s team of engineers and partners with the understanding that there are many ways to solve for the CIS controls. Our team has thoughtfully mapped solutions that work together to meet the controls.

2. ontrol
solution
1
2
3
4
5
system entity relationship diagram
inventory and control of software assets
system entity relationship diagram
controlled use of administrative privileges
secure configuration for hardware and
software on mobile devices, laptops,
workstations and servers
DNA center, Next Generation Firewall, ISE, Cisco Any
Connect: working together. Firepower is an
option if all solutions are not feasible at once
DNA Center, Firepower, ISE, DUO to understand
what software is running, AMP for Endpoints
DNA Center, ISE - control over versions and
roll out patches with AnyConnect
DNA Center, DUO
DNA Center, Veeam for backups

3. ontrol
solution
6
7
8
9
10
maintenance, monitoring and
analysis of audit logs
email and web browser protections
malware defenses
limitation and control of network ports,
protocols, and services
data recovery capabilities
DNA Center- Assurance feature.
third party tools: stealth watch, firepower
ESA & WSA, Umbrella
AMP for Network, AMP for Endpoints,
Umbrella
ISE
Veeam / Pure - site recovery management

4. ontrol
solution
11
12
13
14
15
secure configuration for network devices,
such as firewalls, routers, and switches
boundary defense
data protection
controlled access based
on the need to know
wireless access control
DNA Center
Umbrella, AMP for Endpoints, DUO, ISE
Firepower, AnyConnect
DUO, Firepower, ISE segmentation
DUO, ISE

5. ontrol
solution
16
17
18
19
20
account monitoring and control
implement a security awareness
and training program
application software security
incident response and management
penetration tests and red team exercises
DUO, ISE
tbl networks can recommend a third party
security awareness vendor
tbl networks can recommend application
software security from a third-party vendor
tbl networks can recommend a templated
incident response management plan
tbl networks can make recommendations
on penetration testing vendors

6. Cisco AMP for Endpoints
Cisco Advanced Malware Protection (AMP) for Endpoints prevents threats at point of entry, then
continuously tracks every file it lets onto your endpoints. AMP can uncover even the most advanced
threats- including file-less malware and ransomware in hours, not days or months.
implementation effort 1-10
3
helps solve controls:

7. Cisco AMP for Network
This network-based malware goes beyond point-in-time detection to protect across the entire attack
continuum. AMP for Networks provides visibility and control to protect against highly sophisticated and
targeted advanced malware.
implementation effort 1-10
5
helps solve control:

8. Cisco AnyConnect
This empowers your employees to work from anywhere, at any time, on company laptops or
personal mobile devices. AnyConnect simplifies secure endpoint access and provides
the security necessary to help keep your organization safe and protected.
implementation effort 1-10
1
helps solve control:
1

9. Cisco DNA Center
Cisco DNA Center is the network management and command center for Cisco DNA, your
intent-based network for the enterprise. Provision and configure all your network devices in minutes.
Use advanced artificial intelligence and machine learning to proactively monitor, troubleshoot, and
optimize your network. Integrate with third-party systems for improved operational processes.
implementation effort 1-10
helps solve controls:
5

10. Duo
With Cisco ASA with Firepower Services, you consolidate multiple security layers in a single
platform, eliminating the cost of buying and managing multiple solutions.This integrated approach
combines best-in-class security technology with multilayer protection integrated in a single device that’s
less costly than piecemeal security solutions.
implementation effort 1-10
helps solve controls:
2 2

11. Cisco Firepower Next Generation Firewall
With Cisco ASA with Firepower Services, you consolidate multiple security layers in a single
platform, eliminating the cost of buying and managing multiple solutions.This integrated approach
combines best-in-class security technology with multilayer protection integrated in a single device that’s
less costly than piecemeal security solutions.
implementation effort 1-10
helps solve controls:
6

12. Cisco Identity Services Engine
By providing a differentiated policy based on theWho,What,When,Where, and How of the
endpoint,Cisco ISE links who is in your network to what they are doing.With Cisco ISE, your entire
network is the enforcement point for your security policy, not just a singular network device.
implementation effort 1-10
helps solve controls:
9

13. Cisco Umbrella (formerly OpenDNS)
Cisco Umbrella provides the first line of defense against threats on the internet - at the DNS level.
Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.
implementation effort 1-10
helps solve controls:
1

14. Data Recovery Abilities: Site Recovery Manager
VMware vCenter Site Recovery Manager is a business continuity and disaster recovery solution that
helps you plan, test, and run the recovery of virtual machines between a protected vCenter Server site
and a recovery vCenter Server site.You can configure Site Recovery Manager to work with several third-
party disk replication mechanisms by configuring array-based replication.Array-based replication
surfaces replicated datastores to recover virtual machine workloads.You can also use host-based
replication by configuring Site Recovery Manager to useVMware vSphere Replication to protect virtual
machine workloads.
implementation effort 1-10
helps solve controls:
5

15. Backups: Veeam
Veeam® Backup & Replication™ helps business achieve comprehensive data protection forALL
workloads — cloud, virtual and physical.With a single console, achieve fast, flexible and reliable
backup, recovery and replication of all applications and data, on-premises or in the cloud.
implementation effort 1-10
helps solve controls:
5

16. Security Awareness Training Program
Develop an ongoing security awareness training that addresses new technologies, threats, and
business requirements. Short 15 minute videos that are released quarterly would meet this
control’s standards. Outsourcing a security awareness training program is an option for meeting
this control as well.
implementation effort 1-10
helps solve controls:
5

17. Application Software Security
Have a corporate policy in place to ensure proper training for software developers is followed so
that all components and secure coding methodologies are updated and secure. Scanning of
applications and evaluations of third-party software can be outsourced.
implementation effort 1-10
helps solve controls:
5

18. Incident Response Management
In case of a security breach, develop plans, define roles, conduct training, establish
communication channels, and determine management oversight.
implementation effort 1-10
helps solve controls:
5

19. Penetration Testing
Consider utilizing an outside organization to perform penetration tests.Tests should include a full
scope of blended attacks, such as wireless, client-based, and web application attacks.
implementation effort 1-10
helps solve controls:
5