Enforcing Security At The End Point - InformationWeek

Enforcing Security At The End Point

Cisco's app configures remote systems before giving access to the network

Many companies hit by the SQL Slammer and Blaster worms--and any of the year's nasty viruses--learned fast what worked when it came to security defenses. Perimeter defenses such as network firewalls, gateway antivirus devices, and patches largely held, but internal networks still got nailed. In many cases, this happened because remote workers or visiting contractors logged on to company networks without proper patches or updated antivirus software and infected any internal desktops and servers that hadn't yet been secured.

To combat this problem, Cisco Systems last week said it's developing an application to ensure that remote systems are properly configured before getting access to a network. The effort, part of Cisco's self-defending network initiative, will give Cisco routers a way to assess the security posture of computing devices. If a remote notebook user tries to log on to a company network, the Cisco Network Admission Control app validates certain security settings, such as whether the notebook's patches and antivirus signatures are up to date. If the notebook falls short, it can be denied network access, quarantined, or permitted to enter only certain segments of the network.

Next Level Of Security

Cisco's Network Admission Control program will include:

  • Trust Agent: Collects security-related information from servers, desktops, notebooks, and handheld devices
  • Network-Access Devices: Routers, switches, and wireless-access protocols that enforce security policy on end-point devices
  • Policy Server: Examines end-point security sent from network-access devices and decides what actions, if any, to take
  • Security Agent: Spots and stops malicious actions before they damage desktops or servers

Data: Cisco Systems

Cisco partnered with antivirus vendors Network Associates, Symantec, and Trend Micro for this initiative.

The concept of enforcing security on end-point devices, such as notebooks, desktops, PDAs, and, eventually, cell phones, isn't new. Vendors such as InfoExpress, Sygate, WholeSecurity, and Zone Labs have end-point firewalls that provide various ways for remote systems to have their security checked before getting network access. Cisco is one of the few IT vendors with the installed base to be able to provide end-point security that's also integrated into network devices, says John Pescatore, VP at research firm Gartner. "There are only two companies that can do this at this level, and that's Cisco and Microsoft. The challenge Cisco faces is convincing customers to install the Trust Agent on the notebook or desktop. Cisco has little desktop-software presence," he says.

But that might not be too challenging, as research firm Frost & Sullivan expects sales of end-point security applications to grow from $140 million last year to about $556 million by 2008.

Business security has moved from "a few big gaping holes in systems to a larger amount of tiny holes in corporate systems," says Pete Lindstrom, research director at Spire Security. Cisco's and other similar initiatives are the next logical step to fill these tiny pinholes that can create big problems on internal networks.

"It advances the cause for intranet security," says Edward Gotthelf, director of network architecture at United Parcel Service Inc. "Making sure all systems are patched and that their virus signatures are up to date is a rapidly escalating problem. You used to have days to months to patch; now it's hours." The logistics company will examine how it could use Cisco's Network Admission Control technology, Gotthelf says.

The program initially will work with Cisco routers and later be expanded to Cisco switches, wireless-access protocols, and security appliances. Cisco plans to provide Trust Agent free; pricing for Security Agent is based on volume. Network Admission Control requires the Cisco Secure Access Control Server, an authentication, authorization, and accounting server, priced at $5,995 for unlimited users with no license fee and $2,495 as an upgrade.

Customer deployments of Network Admission Control are expected by the first half of next year. Before that, Cisco will deploy the technology on its own networks to increase security and work out kinks. Says president and CEO John Chambers, "We eat our own cooking."
