Infrastructure
News
10/18/2005
08:14 AM
Connect Directly
RSS
E-Mail
50%
50%

Cisco To Strengthen Its Security Framework

The company is adding support for more types of network devices, and is making available client software to ensure antivirus and other protection is up to date.

Cisco Systems is scheduled to add several features to its networked security framework today, including support for the company's popular Catalyst network switches as well as its wireless routers, according to Cisco.

The two-year-old framework, dubbed Network Admission Control (NAC), is Cisco's overarching plan for combining technologies and strategy to develop networks that can deploy security tactics automatically, by blocking or restricting devices that aren't compliant with network security policies. Previously, Cisco's NAC offerings included router software and standalone network appliances which communicated with PC "agent" software to determine whether client devices had the correct configurations and clearance.

By adding NAC support to Catalyst switches, Cisco customers can extend the framework's granularity down to the LAN level, said Cisco's Joe Sirrianni, a senior solutions manager for NAC. With NAC capability integrated into the switch's operating system, Sirriani said, administrators can make decisions (such as to isolate network elements that may have been infected by a worm or a virus) at the port level.

"There's a flexibility there now to do whatever fits [the situation] best," Sirriani said. The NAC framework will be available for Cisco's Catalyst 6500, 4900, 4500, 3700, 3500 and 2900 series of switches, and is scheduled to ship by the end of November as an operating-system software upgrade. Customers with appropriate switch support contracts, Cisco said, will get the NAC upgrade free.

Cisco is also scheduled to announce immediate availability of NAC framework support for its wireless routers, including its Aironet access points, also as a software upgrade free to customers with existing support contracts. Cisco also announced a new version of its standalone NAC appliance that supports single sign-ons for NAC and VPN access, as well as a new partner program to extend NAC support to client devices (such as IP phones or PDAs) that might not have the memory or processing capability to house Cisco's Trust Agent client software.

The company also said that the second version of the Trust Agent software will also be available by the end of November. According to Cisco, the client software allows NAC systems to determine if security or management software such as Cisco's Security Agent software, or other required third-party antivirus software is correctly installed and up to date.

While Cisco's vision for NAC is one that eventually blends partnerships and standards to provide an open platform for heterogeneous, interoperable network security, currently NAC consists chiefly of Cisco technologies that work best in Cisco-only network infrastructures, and interoperability guarantees with leading client-side security-software vendors Trend Micro, Symantec and McAfee.

While Cisco's Sirrianni said the company plans to submit NAC protocols to standards bodies, he also agreed that the market will likely play a big role in determining whether customers follow Cisco's vision or competing strategies from other networking vendors like Juniper Networks, or security software vendors like Check Point, or even software king Microsoft, whose Network Access Protection plan hews a similar line to Cisco's NAC.

Enterprise customers, Sirrianni said, are likely to prefer a vendor who can offer the widest range of security interoperability.

"We’re working very closely with Microsoft, and we're still going to submit all our [NAC] protocols to standards bodies by the end of 2006," Sirrianni said. "We're committed to that process."

Comment  | 
Print  | 
More Insights
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 23, 2014
Intrigued by the concept of a converged infrastructure but worry you lack the expertise to DIY? Dell, HP, IBM, VMware, and other vendors want to help.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.