Hardware & Infrastructure
04:40 PM
Mobile Threats & How to Keep Them at Bay
Jun 01, 2016
With savvy cybercriminals using vulnerabilities in apps, networks, and operating systems to gain c ...Read More>>

Cisco Initiative Takes Aim At Remote Infections

The Cisco Network Admission Control program is designed to ensure that remote systems logging on to networks are safe and properly configured before they're granted access.

Many of the companies hit by SQL Slammer and Blaster, as well as this year's plethora of nasty viruses, learned what was and wasn't working when it came to their security defenses. A number discovered that while their perimeter defenses, such as network firewalls, gateway antivirus, and patching efforts, largely worked to defeat these malicious code outbreaks, their internal networks still ended up getting nailed.

The infections often stemmed from remote workers or visiting consultants and contractors who logged on to company networks without properly patching or updating their antivirus software--and subsequently started infecting internal desktops and servers that had yet to be patched.

To help companies combat the problem of at-risk and insecurely configured remote workers, notebooks, and handheld PCs, Cisco Systems on Tuesday unveiled its planned technology to ensure that remote systems logging on to networks are safe and properly configured before they're granted access.

The initiative, dubbed the Cisco Network Admission Control program, will provide Cisco routers with a way to determine the security posture of computing devices. For example, if a remote notebook user is trying to log on to the system, certain security settings can be validated--such as whether its patches and antivirus signatures are up to date. If, after being vetted by the Cisco Network Admission Control app, the system is found not to be up to snuff, it can be denied access to the network, quarantined, or permitted to enter only certain segments of the network.

Cisco partnered with major antivirus vendors Network Associates, Symantec, and Trend Micro for this initiative.

The concept of enforcing security for "end-point" devices such as notebooks, desktops, PDAs, and eventually cell phones isn't a new idea. Security vendors such as InfoExpress, Sygate, and Zone Labs have end-point firewalls that provide various ways for systems to have their security health checked before network access is granted.

Research firm Frost & Sullivan expects the sale of end-point security applications to grow from $140 million last year to about $556 million by 2008.

Pete Lindstrom, research director at Spire Security, says business security has moved from "a few big gaping holes in systems to a larger amount of tiny holes in corporate systems." He says initiatives such as Cisco's are the next logical way for the security industry to "fill these tiny pinholes" that can create big security problems on internal networks.

The center of Cisco's announcement is its Cisco Trust Agent, which will be installed on remote systems. The agent will gather information from system settings and security apps and send it to Cisco's networking gear to determine if the system requesting access has its security up to snuff.

Moving forward, and largely based on Cisco's January 2003 acquisition of intrusion-prevention maker Okena, Cisco will integrate the Trust Agent with the Cisco Security Agent to enforce end-point security policy and stop new worms from attacking devices that have yet to be patched.

Cisco executives say they expect the first customer deployments of Trust Agent by the first half of next year. But before then, the company says it will deploy the technology on its own networks to increase security and work out any potential kinks in the new technology. Says president and CEO John Chambers, "We eat our own cooking."

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
2016 InformationWeek Elite 100
Our 28th annual ranking of the leading US users of business technology.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.