Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cisco To Beef Up Its Security Framework

Cisco Systems is scheduled to add several features to its networked security framework today, including support for the company's popular Catalyst network switches as well as its wireless routers, according to Cisco.

The two-year-old framework, dubbed Network Admission Control (NAC), is Cisco's overarching plan for combining technologies and strategy to develop networks that can deploy security tactics automatically, by blocking or restricting devices that aren't compliant with network security policies. Previously, Cisco's NAC offerings included router software and standalone network appliances which communicated with PC "agent" software to determine whether client devices had the correct configurations and clearance.

By adding NAC support to Catalyst switches, Cisco customers can extend the framework's granularity down to the LAN level, said Cisco's Joe Sirrianni, a senior solutions manager for NAC. With NAC capability integrated into the switch's operating system, Sirriani said, administrators can make decisions (such as to isolate network elements that may have been infected by a worm or a virus) at the port level.

"There's a flexibility there now to do whatever fits [the situation] best," Sirriani said. The NAC framework will be available for Cisco's Catalyst 6500, 4900, 4500, 3700, 3500 and 2900 series of switches, and is scheduled to ship by the end of November as an operating-system software upgrade. Customers with appropriate switch support contracts, Cisco said, will get the NAC upgrade free.

Cisco is also scheduled to announce immediate availability of NAC framework support for its wireless routers, including its Aironet access points, also as a software upgrade free to customers with existing support contracts. Cisco also announced a new version of its standalone NAC appliance that supports single sign-ons for NAC and VPN access, as well as a new partner program to extend NAC support to client devices (such as IP phones or PDAs) that might not have the memory or processing capability to house Cisco's Trust Agent client software.

  • 1