Cisco Bolsters Network Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Cisco Bolsters Network Security

The newest offerings are part of Cisco's Self-Defending Network security strategy, launched a few years ago to deliver real-time response to threats based on internal and external network intelligence.

Cisco Systems took steps Tuesday to address the growing need for more secure networks that can defend themselves against a variety of threats with the introduction of new incident-control and threat-mitigation software and services. It also has new versions of the company's intrusion-prevention signature (ISP) system and IOS router operating system software.

The newest offerings are part of Cisco's Self-Defending Network security strategy, launched a few years ago to deliver real-time response to threats based on internal and external network intelligence. "The Self-Defending Network security strategy is putting security everywhere it needs to be, which is everywhere, given that everything in the network has become a point of attack," says Raphael Reich, Cisco's security-product marketing manager.

The objective of the new incident control system, or ICS, is to let administrators respond quickly to security threats by distributing intrusion-prevention system signatures to Cisco devices. What makes ICS tick are Trend Micro Inc.'s TrendLabs outbreak-intelligence and virus-signature distribution data, and Cisco incident-control server middleware that helps distribute signatures, which are what describe security threats, to the network devices. "It's a network-wide response to an outbreak," says Joel McFarland, manager of product management for Cisco's security technology group.

The ICS provides a defense against what's already known; it's like moving people out of the path of a storm, says Joel Conover, a principal analyst with Current Analysis. "It takes information from Trend Micro and puts out policies that will mitigate the amount of damage that could come from that attack," he adds.

For companies challenged to accurately identify, manage, and eliminate security attacks while maintaining network security-policy compliance, Cisco also introduced distributed threat mitigation for Cisco IPS, software designed to provide an integrated and more coordinated response to locally occurring threats. The offering is a part of version 4.1 of its Security Monitoring, Analysis, and Response System. "We now have intrusion-detection deep-packet inspection in all Cisco network components, which makes sure devices throughout the network can internally adapt to threats by distributing the relevant signatures they need to defend against active network attacks," McFarland says.

The upgraded Cisco IPS, version 5.1, supports up to 255 virtual LANs on a single interface and delivers multigigabit, nonstop intrusion prevention through EtherChannel load balancing, which helps enable high throughput with high-availability services. Cisco IOS Software Release 12.4(4)T, available in November, includes a new outbreak-prevention capability called Flexible Packet Matching that lets users conduct deep-packet inspection pattern matching and filtering using pre-defined or customizable protocol templates in XML or IOS Command Line Interface. This is expected to let users respond to an outbreak in real-time and without network service disruption.

The biggest challenge with Cisco's approach to network security is that there are lots and lots of pieces to their puzzle, Conover says. Some of this is by necessity, since Cisco technology touches so many parts of an IT infrastructure.

Cisco is in the midst of organizing its network security initiatives, having bought a half-dozen companies offering technologies designed to manage packet-borne network threats, Conover says. Cisco would probably be the first to admit it's difficult to stitch all of these products together and provide a single point of accountability for dealing with deploying better security policy, he adds.

But such coordination is crucial. "Cisco's technology is distributed everywhere, so there are a lot of places where their technology can be threatened," Conover says. "If they could have built a single security architecture, that would have been preferable. But, given what they've got, this is an improvement over the status quo and will simplify the lives of the IT administrator, helping them deal with these threats in a more proactive fashion."

A key decision for IT managers and security professionals to consider is whether they want to invest in a suite of Cisco security technology or choose competing products from a variety of different vendors, including Symantec, 3Com, or Check Point Software Technologies. "You can put together a best-of-breed solution from a half-dozen vendors, but then you have the challenge of maintaining all of those systems," Conover says. "On the other hand, you're further locking yourself into Cisco."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll