Cisco IPS Integration Turns Security Data Into Information - InformationWeek


In addition to improving network security efficiency, Cisco's goal is to integrate reporting from intrusion prevention systems throughout the network.

Born out of its dominance in the networking world, Cisco's coverage in IT environments is hard to match. While Cisco has spent much of the past few years gobbling up niche security providers and growing its security product lines, the company is now looking at ways to better manage and coordinate mountains of threat data into a landscape its customers can defend.

The company took a significant step in this direction Monday when it unveiled a strategy of expansive security data communication, in particular among intrusion prevention systems. Cisco IPS 6.0, in conjunction with Cisco Security Agent 5.2, Cisco Security Mitigation Analysis and Response System 4.3, and Cisco Security Manager 3.1, represents a "systemized approach to self-defending networks," says Mick Scully, a Cisco VP of product management.

The thinking is that the security threat environment will always change more rapidly than security vendors can produce security enhancements, so the security measures already in place need to get better at recognizing and responding to attacks. The latest Cisco security agents enlist PCs into reporting on the security of a network, giving Cisco's latest version of the Cisco Security Mitigation Analysis and Response System (CS-MARS) even more to work with. If your PC is pinged, CSA will now report that ping to MARS, something Cisco is hoping will help companies catch attacks in their earlier stages.

False positives, which suggest a problem when none exists, are distracting and have been highly detrimental to the efficiency of intrusion prevention and detection systems, which generate enough data and don't need to be further cluttered. IPS 6.0 and Cisco Security Agent 5.2 have been tweaked in an effort to cut down false positives reported to CS-MARS, which studies network traffic for anomalous behavior and can coordinate with Cisco Security Manager 3.1 to change network security policies when necessary.

In addition to improving network security efficiency, Cisco's goal with the new releases is to integrate reporting from IPSs throughout the network, including those running as standalone network appliances and those running on routers and switches alongside Cisco's Internetwork Operating System, or IOS, which itself has run into security problems of late.

Cisco is also looking to push forward the SSL VPN technology it bought along with MI Secure in July 2005 as a way to better protect systems, data, and networks accessed by remote users. Cisco's SSL VPN is a big part of the company's Adaptive Security Appliance, which includes integrated firewall, IPS, anti-malware, and VPN capabilities. The latest version of the appliance, 8.0, features AnyConnect support for Microsoft Vista and previous versions of Windows, Mac OS X, and Linux, as well as Windows Mobile 5.0 Pocket PC Edition. Among the latest version's other features are network access for VoIP, Embedded Certificate Authority to simplify authentication, and direct mapping of Windows Active Directory to VPN access.

While competitors in the network security market seek to emulate Cisco's approach -- Check Point plans to buy PointSec Mobile Technologies for $586 million to expand into the data encryption game -- few security vendors can throw their weight around like Cisco. The challenge for the networking and security giant will be distributing that weight evenly.
