[ISN] Cisco readies security product blitz

InfoSec News isn at c4i.org
Mon Feb 14 05:24:58 EST 2005


By Marguerite Reardon 
Staff Writer, CNET News.com
February 11, 2005

Cisco is preparing to announce a major overhaul of its security
portfolio next week, with upgrades to several of its existing

On Tuesday, at the RSA Conference in San Francisco, the company plans
to announce the largest set of upgrades to its security products in
three years, sources say.

The new enhancements should help the company catch up to leading
vendors, focusing on such areas as secure socket layer virtual private
networks and intrusion prevention. The upgrades should also help Cisco
fulfill its promise of a "self-defending" network, beefing up security
on IP telephony and other applications, while also extending network
protection to the desktop. And to help corporate customers keep track
of new threats, sources say, Cisco is also improving its management

Cisco declined to comment on the specifics of its announcements next
week, but has scheduled a press briefing at the security show.

Security is an important market for Cisco. It is one of six new areas
Cisco has been focusing on to help expand its overall business. So
far, security has been proven to be a good investment for the company.  
Last quarter, revenues from security products were up 30 percent from
a year earlier.

Cisco's strength in security has come not from having the best
products in every category, but from having a wide breadth of
offerings, analysts say. Next week's announcements should help level
the playing field against the pure security vendors while cementing
Cisco's dominance as a network-level security provider, they add.

"Cisco isn't known as a security company," said Zeus Kerravala, an
analyst with the Yankee Group. "They sell security as part of a
network strategy. But it's clear they are serious about providing more
security in the network. They are definitely the security leader among
networking vendors."

Nitty gritty

One of the more important upgrades to be announced next week is on
Cisco's SSL VPN product, sources say. SSL VPNs allow users to remotely
connect to the corporate network using a standard Web browser.  
Currently, Cisco's product only supports Web-based applications. The
new version will allow users to access some non-Web applications, too,
such as e-mail residing on a corporate mail server.

Such upgrades are an important addition to the product, since they
will allow remote workers to use their Web browsers to connect to the
corporate network rather than a difficult-to-manage IPsec client that
must be pre-installed. SSL VPN competitors, such as Juniper Networks,
through its Netscreen acquisition, and Aventail have been supporting
non-Web applications in their products for some time.

Cisco has also beefed up its intrusion detection product by adding
prevention software that can correlate possible symptoms of a worm or
virus attack to determine whether certain traffic should be blocked.  
The new software will put Cisco's product on par with those from
traditional security companies such as McAfee, say experts.

Cisco also plans to announce that it has added security features to
its PIX Firewall that will make it more friendly to IP telephony
protocols. The Cisco firewall has not been able to identify some of
these protocols, leaving voice over IP traffic vulnerable to attacks.

To give customers more choice with respect to how they deploy this
technology, Cisco is updating its Internetwork Operating Software
(IOS) so that many of these new security features can also run on its
switches and routers, sources report.

The company has also added more security features to its desktop
security agent. This software is a big component of Cisco's Network
Admission Control architecture, designed to prevent worms and viruses
from entering the network. The security agent sits on individual
workstations, identifying malicious code in communications between
network software systems. When it detects a virus or worm, it denies
access to the PC. Cisco has supposedly enhanced this software by
adding new anti-spyware protection meant to identify and remove
malicious programs before they jump from a PC to the network.

Cisco also plans to introduce a new blade that fits into its Catalyst
switches to help prevent denial-of-service attacks on Web servers.

Finally, Cisco will announce improvements to its network management
tools using some technology that it recently acquired from Protego.  
This technology, acquired in December, aggregates and correlates
information about security threats, so that network managers can
detect attacks.

More information about the ISN mailing list