News Stay informed about the latest enterprise technology news and product updates.

New Cisco security strategy targets elusive threats

Cisco has unveiled a new line of security products to fight against elusive network threats such as phishing, viruses and denial-of-service attacks. Experts laud the moves, but explain why hackers aren't exactly running for cover.

Networking giant Cisco Systems Inc. has announced several major enhancements to its security product portfolio, marking the vendor's biggest strategic shift in three years.

At the RSA Security conference in San Francisco Tuesday, Cisco announced nearly a dozen new products that run the gamut from desktop-level to switch-level security, all designed to help companies guard against elusive network threats like phishing, virus and denial-of-service (DOS) attacks.

The products are part of the company's new three-pronged Adaptive Threat Defense strategy, which aims to detect suspicious network events, prevent malicious intrusions and ensure the safety of application-specific traffic.

Among the many anticipated updates, Cisco unveiled Secure Sockets Layer support for its VPN Concentrator 4000 product. Version 4.7 of the Concentrator now enables secure access to virtually any IP applications, not just Web-based applications.

Another key update is version 5.0 of Cisco's Intrusion Prevention System (IPS). Part of the vendor's IPS 4200 series of appliances, it competes with security products from antivirus vendors such as Symantec and McAfee, and will deliver in-line prevention services with new network antivirus, antispyware and worm-mitigation capabilities.

In addition to several other products, Cisco announced the Anomaly Guard Module and Traffic Anomaly Detector Module for the Catalyst 6500 Series Switches and 7600 Series Routers. Both are intended to protect multi-gigabit-speed devices from distributed denial-of-service attacks.

"There is no perimeter to the network anymore, and we have to address threats to the network in a tiered, adaptive way," said Jayshree Ullal, senior vice president of the Cisco Security and Technology Group.

Ullal said many of these new security features to run on Cisco's switches and routers will be enabled by the new version of the company's Internetwork Operating System (IOS), version 12.3. Additionally, all the new offerings are designed to work as upgrades, as opposed to requiring new hardware or appliances.

Daniel Golding, a senior analyst with the Midvale, Utah-based Burton Group, said Cisco's strategy is interesting, not because he thinks it will necessarily stop DoS attacks, but because it shows the vendor's continued attachment to an integration strategy.

According to Golding, Cisco pitches Catalyst 6500 Series Switches to enterprises as a "core box," and this is one of many capabilities built into these modules, but he questions the quality of integration.

"There has been some criticism on the level of integration within the modules into the 6500," Golding said. "Essentially, it's a standalone box sticking out of the 6500." But Golding projected that Cisco is moving toward a virtualized switch with many functions in one chassis.

Jeffrey Posluns, CEO for Montreal-based consultancy SecuritySage Inc., said the newly announced products incorporate end-point security technology and dovetail with Cisco's Network Access Control (NAC) initiative. NAC is a framework that assesses how well nomadic users comply with security policy, quarantines them until they comply and pushes necessary antivirus technology to those that are not up to par.

Posluns said NAC and Cisco's new intrusion detection precautions harden the shell on the Cadbury egg of networks, but the pros only outweigh the cons for some enterprises depending on their needs.

NAC makes enterprises safer by setting up a gatekeeper for network admission, but Golding said the requirements to get through the gate, following this week's new announcements, might be too strong for even for diligent enterprise users.

For more information

Read why Lisa Phifer believes network-borne attacks are on the rise.


Learn more about Cisco's NAC security strategy.

"If you've got a laptop and you want to put it on the network, there are flaming hoops through which you must now pass," Golding added. "Hoops include having to know a password or catchy phrase to pass the gatekeeper, and then you face workstation software integration issues once you get in."

Golding said many of Cisco's security feature set upgrades are now comparable to those of competitors such as Juniper Networks Inc., which has spurred much speculation about Cisco becoming a security company. But Golding said Cisco is just rising to fit the competitive gauntlet thrown down by Juniper when it purchased NetScreen Technologies last year.

Nevertheless, Cisco's security investments are garnering positive results as last quarter, revenues from security products were up 30% from a year earlier.

Golding said Cisco's new product line is an example of Cisco continuing to evolve in response to the needs of its enterprise customers, but "nothing here is a security bombshell, so the hackers aren't running to the hills because of this announcement."

Dig Deeper on Network Security Monitoring and Analysis

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.