Infrastructure // Networking
08:14 AM
Connect Directly
Repost This

Cisco To Strengthen Its Security Framework

The company is adding support for more types of network devices, and is making available client software to ensure antivirus and other protection is up to date.

Cisco Systems is scheduled to add several features to its networked security framework today, including support for the company's popular Catalyst network switches as well as its wireless routers, according to Cisco.

The two-year-old framework, dubbed Network Admission Control (NAC), is Cisco's overarching plan for combining technologies and strategy to develop networks that can deploy security tactics automatically, by blocking or restricting devices that aren't compliant with network security policies. Previously, Cisco's NAC offerings included router software and standalone network appliances which communicated with PC "agent" software to determine whether client devices had the correct configurations and clearance.

By adding NAC support to Catalyst switches, Cisco customers can extend the framework's granularity down to the LAN level, said Cisco's Joe Sirrianni, a senior solutions manager for NAC. With NAC capability integrated into the switch's operating system, Sirriani said, administrators can make decisions (such as to isolate network elements that may have been infected by a worm or a virus) at the port level.

"There's a flexibility there now to do whatever fits [the situation] best," Sirriani said. The NAC framework will be available for Cisco's Catalyst 6500, 4900, 4500, 3700, 3500 and 2900 series of switches, and is scheduled to ship by the end of November as an operating-system software upgrade. Customers with appropriate switch support contracts, Cisco said, will get the NAC upgrade free.

Cisco is also scheduled to announce immediate availability of NAC framework support for its wireless routers, including its Aironet access points, also as a software upgrade free to customers with existing support contracts. Cisco also announced a new version of its standalone NAC appliance that supports single sign-ons for NAC and VPN access, as well as a new partner program to extend NAC support to client devices (such as IP phones or PDAs) that might not have the memory or processing capability to house Cisco's Trust Agent client software.

The company also said that the second version of the Trust Agent software will also be available by the end of November. According to Cisco, the client software allows NAC systems to determine if security or management software such as Cisco's Security Agent software, or other required third-party antivirus software is correctly installed and up to date.

While Cisco's vision for NAC is one that eventually blends partnerships and standards to provide an open platform for heterogeneous, interoperable network security, currently NAC consists chiefly of Cisco technologies that work best in Cisco-only network infrastructures, and interoperability guarantees with leading client-side security-software vendors Trend Micro, Symantec and McAfee.

While Cisco's Sirrianni said the company plans to submit NAC protocols to standards bodies, he also agreed that the market will likely play a big role in determining whether customers follow Cisco's vision or competing strategies from other networking vendors like Juniper Networks, or security software vendors like Check Point, or even software king Microsoft, whose Network Access Protection plan hews a similar line to Cisco's NAC.

Enterprise customers, Sirrianni said, are likely to prefer a vendor who can offer the widest range of security interoperability.

"We’re working very closely with Microsoft, and we're still going to submit all our [NAC] protocols to standards bodies by the end of 2006," Sirrianni said. "We're committed to that process."

Comment  | 
Print  | 
More Insights
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.