Enterprise network threats are escalating in both speed and magnitude, and IT staff, no matter how good they may be, cannot respond quickly enough to today’s attacks. That was the message from John Chambers, president and CEO of Cisco Systems Inc. as he outlined the company’s latest strategy to combat network threats on Tuesday.
As part of the strategy, Cisco announced a new program that it said will protect computer networks from attacks better than point solutions like intrusion detection systems and firewalls. Developed in conjunction with antivirus vendors Network Associates Inc., Symantec Corp. and Trend Micro Inc., Cisco said the initiative will tackle the risks posed by mobile and remote workers in enterprise environments who connect to corporate networks.
Called the Cisco Network Admissions Control (NAC) program, the idea is to prevent the mass destruction of threats like the recent Blaster worm and Slammer virus by scanning devices when they attempt to connect to a corporate network. According to Charles Giancarlo, a senior vice-president with San Jose-based Cisco, remote users can become infected through home or hotel connections or even through CDs and DVDs.
“When a user is outside the corporate network, the usual IT safeguards are no longer in place,” he said during a Web conference Tuesday. “In coming together to solve the critical problem that faces security today, we are uniting behind the power of the network to defend IT infrastructures against attacks.”
The NAC essentially detects non-compliant devices – those that may harbour viruses – and denies network access or quarantines the device until the network administrator can correct the problem.
Giancarlo explained that the NAC’s underlying technology – Trust Agent – is installed on laptops, home PCs and mobile devices that connect to corporate networks. Trust Agent determines certain levels of security, such as whether a device has been recently patched or has the latest virus recognition files.
“The explosion of wireless, mobile devices and pagers has made the corporation much more vulnerable to attack,” said George Samenuk, CEO of Network Associates.
The program is part of Cisco’s Self Defending Network strategy, whereby the company has outlined several key requirements to keep networks healthy and running.
“We need automated and proactive solutions that can defend against threats like viruses immediately when they occur,” Cisco’s Chambers said. “We need to move from standalone security devices to integrated security services in the network infrastructure. Lastly, we need to move from individual security products or services that operate independently to (offerings) that operate together as part of a cohesive security system.”
Network Associates, Symantec and Trend Micro have licensed the Trust Agent software from Cisco and will be integrating it into their own software clients, Cisco said.
The program marks a shift in tactics for addressing the threats posed by worms and viruses, according to Chris Christiansen, an analyst at IDC.
Previously, many security companies treated user desktop and laptop computers mainly as the target of malicious code. The Cisco Network Admission Control program, incorporating the lessons of Blaster and other recent attacks, treats them as transmission points for attacks on the network infrastructure, he said.
“There’s a recognition that the network is the true destination of the attack and that routers and switches need to have the ability to protect the network,” Christiansen said.
While the new program initially involves only major antivirus and security vendors, in the future Cisco will release an application program interface (API) that allows other companies to integrate the new Cisco technology with their products, Christiansen said.
Cisco expects the first NAC roll out by mid next year, but said it first plans to roll out the program in-house. For more information, visit the company online at www.cisco.com.
– With files from IDG News Service