SAN FRANCISCO — Cisco Systems announced a new
phase in its “Self-Defending Network” initiative today — one that promises
protection from future attacks.
San Jose, Calif.-based Cisco dubbed the new portfolio “Adaptive Threat Defense” or ATD. Cisco is initially launching 10 new products and corresponding services, half of which were developed by Cisco engineers.
The rest are a combination of technologies Cisco acquired from Psionic
Software, Twingo Systems, Okena, Riverhead Networks and Protego
Networks.
Some of the new products are shipping now at no extra
charge to Cisco customers that have active SmartNET contracts. Others will arrive in March. Each combines security features, multi-layer intelligence, application
protection, network-wide control and threat containment.
Cisco said the latest — and certainly not the last phase — of its
Self-Defending Network initiative was necessary to prepare for the growing
threats of multi-level attacks peppered with the pressures of
spyware, phishing and malware
strategy relies on following usage behavioral patterns and trusted
clients.
“We’re laying a foundation to allow for the next wave of
technologies,” Jayshree Ullal, senior vice president for Cisco’s
Security Technology Group, said during a press briefing. “A lot of our
technologies were effective in the 90s, but they need another level to
them. We will continue to support all of our phases as long as there is
a threat.”
The company timed the announcement to coordinate with the RSA
Security Conference here this week. CEO John Chambers is scheduled to
deliver a keynote today on building and securing intelligent
information networks.
The first phase of the Cisco Self-Defending Network security strategy
focused on the need for integrated security, blending Internet Protocol
(IP) and security technologies. The next phase introduced the Network
Admission Control (NAC) industry initiative. Now, Cisco is focusing on
better threat mitigation through Anti-X defenses, application security,
and network control and containment.
Bob Gleichauf, Cisco vice president and CTO of the Security Technology Group, said the Adaptive phase builds on mutual awareness among
Cisco’s partners and between security services and network intelligence
communities.
“It is no longer a Draconian approach that closes off an entire
network in the case of a DDoS. That is not best practices,” Gleichauf
said. “Instead, we are filtering packets and traffic.” For example, an online retailer would not want to cut a potential customer off from the system, yet it needs provisions in place that could limit that customer’s activity when behavior matched threat criteria.
“What we are learning at the network edge
will have to be replicated in other parts of the network,” Gleichauf said. “This kind of attack could be recreated locally and companies have to be able to
withstand it.”
Products aligned with the new Adaptive Threat Defense strategy
include Cisco’s IPS 5.0; VPN 3000 Concentrator version 4.7; PIX 7.0,
which focuses on managing HTTP, voice, and IP-based applications; IOS
12.3(14)T for port-80 control; Cisco Security Agent version 4.5, which
handles malware/spyware protection, enhanced security state or “posture”
assessment and location-based policy enforcement; Catalyst DDoS Modules
for 6500 Series switches and 7600 Series routers; Cisco MARS; and the
Cisco Security Auditor.
Ullal said Cisco’s sales channels and training for the new Adaptive
focus would remain consistent with its current policies.