A Look At Cisco's Self-Defense Plan

Cisco Systems last week took the next step in its quest to develop self-defending networks, rolling out a spate of new products, software enhancements and services designed to minimize risks by addressing threats at multiple layers of a network.

The products, unveiled in a keynote by CEO John Chambers at the RSA Conference in San Francisco, run the gamut from desktop-level to switch-level security. They share a common framework—a new approach called Adaptive Threat Defense, which simplifies architectural designs and more tightly controls security devices in the Cisco line.

"Whatever you do has to be self-defending and cannot require human intervention," Chambers told the RSA audience. "It has to be one that focuses as much on process change as it does on IT change, and it has to anticipate where the IT industry is going three or five years down the road."

Topping the list of new products is Cisco IPS version 5.0, part of the vendor's IPS 4200 series of appliances. The product, which competes with offerings from antivirus vendors Symantec and McAfee, delivers in-line prevention services with new network antivirus, antispyware and worm-mitigation capabilities.

The San Jose, Calif.-based vendor also unveiled its Cisco Security Monitoring, Analysis and Response System (CS-MARS), which incorporates technology from Cisco's acquisition of Protego in December 2004.According to Jayshree Ullal, Cisco senior vice president of security technology, the CS-MARS tool works with the new Cisco Security Auditor to extend the concept of multiple device management by examining configurations on routers and switches, as well as allowing customers to validate the security of their infrastructure against pre-defined security checklists.

Channel partners said the new products bring technology closer to the ultimate goal of networks that defend themselves automatically.

"These offerings maintain Cisco products with the best-of-breed status and put Cisco out in front of other security vendors in terms of product capabilities," said Tim Carney, founder and CEO of Network Guys, Fremont, Calif. "They confirm the capability to integrate the products, which in turn allows resellers to offer a complete security solution."

Other new products introduced by Cisco last week include PIX Security Appliance Software version 7.0, which features improved VoIP protection, and the Cisco VPN 3000 Concentrator version 4.7, which incorporates technology from Cisco's acquisition of Twingo Systems in March 2004.

The latter offering adds a new SSL VPN tunneling client to provide secure access to applications, with appropriate end-point and malware protection, according to Cisco.0