Cisco Steps Up Networking Security

Cisco Systems routers, an integral part of many business networks, gained new security capabilities last week. The networking vendor enhanced its Internetworking Operating System with Cisco IP Source Tracker, which helps identify and locate where denial-of-service attacks may be entering a network. It also provides a "reserved management channel" so administrators can take measures at the device to mitigate performance disruption, even when a router may be under a denial-of-service attack.

The company also added anomaly protocol inspection for the Extended Simple Mail Transfer Protocol so users can better defend against known E-mail attacks. Enhanced firewall support lets users segment networks without altering IP-addressing configurations.

The company also unveiled Cisco Security Device Manager version 1.1, designed to make it easier for administrators to manage the security policy of their routers. It supports Cisco 7200 and 7301 series routers, as well as the 800, 1700, 2600, and 3700 series.

Eric Ogren, a senior analyst at the Yankee Group, says Cisco is moving in the right direction but could get more specific in protecting networks. Its software now stops all traffic from offending IP addresses, he says. "It would be good to drop only the malicious messages or protocols."