New Cisco Tools May Put A Lock On Networks

Cisco Systems last week unveiled its latest effort to build more proactive security into business-communications networks, unleashing a slew of network appliances, software enhancements, and services designed to help businesses better identify and more quickly respond to security threats. The so-called Adaptive Threat Defense products are part of the company's self-defending network strategy to provide broader protection by taking a multilayer approach to security threats.

The offerings will help businesses impose greater control on how their networks are used and make it easier to fight off threats, but they won't eliminate the need for individual security products that most businesses already have deployed, according to analysts and IT executives.

Cisco contends that a holistic approach using its suite of security products offers the best protection. "You can never completely eliminate all security threats," president and CEO John Chambers said in a keynote address at the RSA Conference on security. "But you can eliminate the majority of them and minimize the damages that occur."

The products include an upgraded intrusion-prevention system, modules designed to spot anomalous behavior on the network that might indicate a distributed denial-of-service attack is under way, software to enforce security policies and protect against spyware and malware, appliances that monitor and inspect traffic flowing over a network, a virtual firewall, and a network control and containment system to let administrators more easily monitor and manage network activity and threats.

"Cisco is offering some pretty powerful things for fighting well-known security threats, like known worms and viruses. But there are new threats coming along all the time," says Gartner analyst John Pescatore. "Businesses are still going to need firewalls and protection on the network edge from security players such as NetScreen, CheckPoint, and others."Cisco's security products won't replace network firewalls or antivirus software on PCs at ePlus Inc., which makes asset-management and E-procurement systems. They provide protection for the "inside" of the network, says Chris Fairbanks, principal network architect for ePlus, which has been testing the products. "Everything in the middle was wide open, and the self-defending approach helps a great deal in that area." Those capabilities are useful if an unhappy employee or a hacker gains access to the network and then tries to cause some mischief, Fairbanks says.

Cisco's centralized monitoring, analysis, and response system makes it easier to watch over all of the security devices ePlus has deployed. "It provides a single point of view so I can see exactly what's going on," Fairbanks says. "You can't put a price tag on that."

Cisco's efforts to build more security features into its networking equipment, as well as Microsoft's push to make its operating systems more secure, could put pricing pressure on other security vendors, says Gartner's Pescatore. "Neither company is dependent on security products for revenue."

Still, their moves don't solve one of the major security problems that many businesses face: employees improperly configuring servers and routers and switches. "If your people are the source of the problem, they will end up misconfiguring the security stuff also," Pescatore says. "So there will still be a need for separate security layer to catch when people make mistakes."