RealTime IT News

Big Refresh For Cisco's Network Security

Cisco  is rolling out new product versions of its self-defending network portfolio and shifting its network security strategy in the process.

The release comes just ahead of Cisco's quarterly results, in which analysts are looking for a solid quarter from the networking giant. Cisco's self-defending network products are a key part of those revenues.

Beyond providing the latest in security features, the latest suite is touting collaboration and ease of deployment.

The Self-Defending Network is Cisco's three-year-old initiative, in which a myriad of networking components from Cisco are combined to provide enterprise networks with a complete network defense platform. One of the most hyped elements of the self-defending network portfolio has been Cisco's Network Access Control (NAC) technology, though NAC is only a constituent of a greater whole.

The latest enhancements announced today include: Cisco's Intrusion Prevention System (IPS 6.0), Cisco Security Agent (CSA 5.2), Cisco Security Mitigation Analysis and Response System (CS-MARS 4.3), Cisco Security Manager (CSM 3.1) and Cisco's Secure Sockets Layer virtual private network (SSL VPN 8.0).

Mike Nielsen, marketing manager for threat control systems and solutions at Cisco, said think of it as a system. Take Cisco's Security Manager 3.1, he said. It's a comprehensive policy management suite that now manages everything in Cisco's security portfolio from intrusion prevention to firewall to SSL-VPN and IPsec VPN. In a similarly comprehensive approach, the new IPS 6.0 product is now able to be pervasive across a network's infrastructure.

"We're integrating in technology from around the portfolio for network anomaly detection," Nielsen said. "So rather than looking at just signatures, we are now able to identify anomalies in traffic patterns based on our own analysis."

Cisco's self-defending network products correlate all the anomalous network activity and make a determination of whether it represents real threats. If the activity is deemed a threat, then network administrators are provided with a list of actions to take.

This is a key approach to managing network security, as more devices log into an enterprise network. A key entry point for them is remote access granted with the use of IPsec or SSL-VPNs as security protocols. Traditionally there has been a divide between the two disparate technologies in terms of ease of deployment and manageability. IPsec VPNs usually require some form of client application at the user end in order to access network assets. By contrast, SSL-VPNs typically utilize a Web browser in order to facilitate access, though end-user clients are also common.

Cisco's new AnyConnect VPN client, which is part of Cisco's new ASA 8.0 VPN software, challenges the usual IPsec vs. SSL-VPN debate. Mark Jansen, line manager for Cisco's SSL-VPN product said the new AnyConnect technology provides a seamless connection to an end-user without much effort from the end user regardless of whether they are using a Windows, Mac, UNIX or Linux machine.

"Cisco any connect client is about delivering an intelligent VPN network experience to a broad base of endpoints," Jansen said. "The technology works without the end user needing to know what version they need as the system figures out what version they should have. It can adapt to different needs."

AnyConnect uses the right transport method and knows what to deliver based on the desktop and the usage, he added.

The new enhancements to Cisco's Self Defending Network construct are all part of Cisco's effort to keep base with outside threats. It's an effort that even with the new product enhancement is likely to continue for the foreseeable future.

"As the threat landscape continues to evolve we're going to have to get better with out tools," Nielsen said. "The collaboration element is going to be more important, making sure our products work well together."

"The biggest piece is making this stuff manageable. It's been one of the larger headaches for organizations at large."