Cisco Takes Aim At LAN Security - InformationWeek


Vendor expands its network-access control initiative to include local area network switches.

Cisco Systems is expanding its network-security initiative from wide area network access points to the switches and wireless devices used in local area networks.

Network administrators scorched by increasingly virulent malware attacks welcome the expansion of Cisco's network-admission-control strategy. But companies that already have begun to introduce these strategies from other vendors, or that don't relish the thought of upgrading portions of their diverse networking environment to comply with Cisco's requirements, might not be as happy.

Cisco in November will target its strategy at layer 2 of the network, where switches pass information inside the LAN, by offering network-admission-control support for its Catalyst switches, including the 6500, 4900, 4500, 3700, 3500, and 2900 series, as well as its wireless access points and controller platforms.

Cisco created its strategy in 2003 to address the difficulty companies have fighting the viruses, worms, and other malware that attack their networks and the systems that connect over the networks. Cisco figured the best way to do this was to get greater control over access points into the network to make sure each device connecting in is clean. The first fruits of Cisco's labor appeared in June 2004, when the company introduced routers and firewalls that complied with its network-admission-control strategy to identify security threats at the WAN level.

Risk Assessment
To become a part of a compliant environment, devices had to run Cisco Trusted Agent software so that information about those devices could be collected and evaluated for risk assessment. Devices unable to run Cisco Trusted Agent were out of luck. Cisco will remedy this next month by letting "agentless" devices such as printers, guest laptops, and PDAs have their security risk evaluated by third-party software from Altiris, Qualys, and Symantec. This software will then share its security-audit information with the Cisco network, which will make admission decisions.
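The admission flow described above (posture collected by an endpoint agent or, for agentless devices, by a third-party audit, then a network-side decision) can be sketched as a small policy engine. The following is an added illustration, not Cisco's own code or policy language; the class and function names, the thresholds, the VLAN numbers and the sample reports are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Decision outcomes a NAC enforcement point can return for a port.
ADMIT, QUARANTINE, DENY = "admit", "quarantine", "deny"

# Hypothetical policy thresholds (not Cisco defaults).
MAX_SIGNATURE_AGE_DAYS = 7      # antivirus signatures older than this are stale
MAX_MISSING_CRITICAL_PATCHES = 0

# Hypothetical VLAN assignments the switch would apply per outcome.
VLAN_FOR_DECISION = {ADMIT: 10, QUARANTINE: 999, DENY: None}


@dataclass
class PostureReport:
    """Posture data about one device, from an on-device agent or a third-party scanner."""
    device: str
    source: str                              # "agent" or "audit" (agentless device scanned externally)
    authenticated_8021x: bool                # did 802.1X port authentication succeed?
    av_signature_age_days: Optional[int]     # None = unknown
    missing_critical_patches: Optional[int]  # None = unknown


def decide_admission(report: PostureReport) -> Tuple[str, str]:
    """Return (decision, reason). Unknown posture fails closed into quarantine."""
    if not report.authenticated_8021x:
        return DENY, "802.1X authentication failed"
    if report.av_signature_age_days is None or report.missing_critical_patches is None:
        # No agent and no audit result: isolate rather than trust the device.
        return QUARANTINE, "no posture data available"
    if report.av_signature_age_days > MAX_SIGNATURE_AGE_DAYS:
        return QUARANTINE, "antivirus signatures stale"
    if report.missing_critical_patches > MAX_MISSING_CRITICAL_PATCHES:
        return QUARANTINE, "critical patches missing"
    return ADMIT, "posture compliant"


def port_vlan(decision: str) -> Optional[int]:
    """Map a decision to the VLAN the switch port would be placed in (None = port shut)."""
    return VLAN_FOR_DECISION[decision]


# Constructed sample reports: one agent-equipped laptop, one agentless printer
# covered by an external audit, one guest laptop with no posture data, one
# device that failed 802.1X.
SAMPLE_REPORTS = [
    PostureReport("corp-laptop-01", "agent", True, 2, 0),
    PostureReport("printer-3f", "audit", True, 30, 0),
    PostureReport("guest-laptop", "none", True, None, None),
    PostureReport("unknown-mac", "none", False, None, None),
]


def evaluate_all(reports=SAMPLE_REPORTS) -> Dict[str, Tuple[str, Optional[int]]]:
    """Evaluate every report and return device -> (decision, vlan)."""
    results = {}
    for r in reports:
        decision, _reason = decide_admission(r)
        results[r.device] = (decision, port_vlan(decision))
    return results


if __name__ == "__main__":
    for r in SAMPLE_REPORTS:
        decision, reason = decide_admission(r)
        print(f"{r.device:15} {r.source:6} -> {decision:10} vlan={port_vlan(decision)} ({reason})")
```

The point worth noting is the fail-closed branch: a device with neither an agent nor an audit result is quarantined rather than admitted, which is exactly the gap the article says agentless support is meant to close.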

39% of 653 businesses surveyed are implementing network-quarantine technology this year

Cisco's support for 802.1X port-level authentication, which allows devices to authenticate to a network regardless of where they're plugged in, is a welcome sign for Aurora Health Care, a not-for-profit health-care network with 14 hospitals, 150 clinics, and more than 200 pharmacies. Aurora uses Cisco routers, load balancers, and VPN concentrators, but its network consists of Enterasys Networks switches and intrusion-defense systems, Juniper Networks firewalls and SSL VPNs, and IronPort Systems E-mail security.

"So many networks are built over time, so there's no silver bullet," says Dan Lukas, lead security architect. Cisco's earlier NAC strategy hasn't been as effective for companies that use network equipment from a variety of vendors, Lukas adds. "We don't have Cisco everywhere, and I can't just swap out everything."

Making It Work
The success of Cisco's strategy depends on whether companies are willing to implement Cisco Trusted Agent or third-party assessment software, upgrade LAN equipment, and assess how they build and enforce access policies, says Forrester Research analyst Robert Whiteley. From a competitive standpoint, Cisco isn't the first vendor to offer network-admission-control protection at the LAN level. Alcatel and Enterasys already are doing essentially the same thing, although this shouldn't affect Cisco's entry into the market because the company is such a force in the networking world, he adds.

Lots To Do
But there's still a lot of work for companies to do before devices and protocols that comply with network-admission control can be implemented on layer 2, including upgrading switches that are more than three years old.

Companies with a basic network layout should look at standalone access-control appliances from Caymas Systems Inc. or network-quarantine appliances from Vernier Networks Inc., while companies with more complex networks should look to server- or switch-based systems from vendors including Sygate, which Symantec acquired earlier this month, and Cisco, according to a June Forrester report Whiteley authored on network-quarantine technology.

Of 653 technology decision-makers Forrester interviewed, 39% are implementing network-quarantine technology this year, the report says. "That's pretty good considering how many moving parts this technology has," Whiteley says. The reason for this adoption stems from the need to head off security problems by ensuring that infected end-points don't connect to the network. "NAC helps you keep the bad guys off your network," he says.

None of the vendors is likely to make a big splash this year. It'll be the middle to the end of 2006 before companies have network admission control up and running within the switch environment, Whiteley says. He adds: "2006 will be the major year of getting your infrastructure up to date and defining your networking policies."
