Cisco Initiative Takes Aim At Remote Infections - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hardware & Infrastructure

Cisco Initiative Takes Aim At Remote Infections

The Cisco Network Admission Control program is designed to ensure that remote systems logging on to networks are safe and properly configured before they're granted access.

Many of the companies hit by SQL Slammer and Blaster, as well as this year's plethora of nasty viruses, learned what was and wasn't working when it came to their security defenses. A number discovered that while their perimeter defenses, such as network firewalls, gateway antivirus, and patching efforts, largely worked to defeat these malicious code outbreaks, their internal networks still ended up getting nailed.

The infections often stemmed from remote workers or visiting consultants and contractors who logged on to company networks without properly patching or updating their antivirus software--and subsequently started infecting internal desktops and servers that had yet to be patched.

To help companies combat the problem of at-risk and insecurely configured remote workers, notebooks, and handheld PCs, Cisco Systems on Tuesday unveiled its planned technology to ensure that remote systems logging on to networks are safe and properly configured before they're granted access.

The initiative, dubbed the Cisco Network Admission Control program, will provide Cisco routers with a way to determine the security posture of computing devices. For example, if a remote notebook user is trying to log on to the system, certain security settings can be validated--such as whether its patches and antivirus signatures are up to date. If, after being vetted by the Cisco Network Admission Control app, the system is found not to be up to snuff, it can be denied access to the network, quarantined, or permitted to enter only certain segments of the network.

Cisco partnered with major antivirus vendors Network Associates, Symantec, and Trend Micro for this initiative.

The concept of enforcing security for "end-point" devices such as notebooks, desktops, PDAs, and eventually cell phones isn't a new idea. Security vendors such as InfoExpress, Sygate, and Zone Labs have end-point firewalls that provide various ways for systems to have their security health checked before network access is granted.

Research firm Frost & Sullivan expects the sale of end-point security applications to grow from $140 million last year to about $556 million by 2008.

Pete Lindstrom, research director at Spire Security, says business security has moved from "a few big gaping holes in systems to a larger amount of tiny holes in corporate systems." He says initiatives such as Cisco's are the next logical way for the security industry to "fill these tiny pinholes" that can create big security problems on internal networks.

The center of Cisco's announcement is its Cisco Trust Agent, which will be installed on remote systems. The agent will gather information from system settings and security apps and send it to Cisco's networking gear to determine if the system requesting access has its security up to snuff.

Moving forward, and largely based on Cisco's January 2003 acquisition of intrusion-prevention maker Okena, Cisco will integrate the Trust Agent with the Cisco Security Agent to enforce end-point security policy and stop new worms from attacking devices that have yet to be patched.

Cisco executives say they expect the first customer deployments of Trust Agent by the first half of next year. But before then, the company says it will deploy the technology on its own networks to increase security and work out any potential kinks in the new technology. Says president and CEO John Chambers, "We eat our own cooking."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
Register for InformationWeek Newsletters
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll