Cisco Bolsters SDN With New Security Solutions

Cisco Systems has unveiled a new line of security solutions that will help fill out its Self-Defending Network (SDN) architecture and provide partners with more opportunities to add services to their Cisco security installations.

On Tuesday, the company announced the Cisco Incident Control System (ICS); Distributed Threat Mitigation for Intrusion Prevention Systems (IPS) and other enhancements. Alex Thurber, Cisco's director of security for worldwide channels solutions, says the new and enhanced solutions grew out of the need to address security concerns that are becoming more pressing all the time.

"The outbreak-to-patch window is getting shorter and shorter, and everyone agrees that this will continue going forward," he says. "With this series of technologies, we're trying to protect the network core from the broadest range of threats, while also addressing emerging threats more rapidly."

In what Thurber calls the "sexiest" part of the new announcement, the new Cisco ICS provides shorter response times than ever to worm and network virus outbreaks. The solution uses outbreak intelligence and virus-signature distribution from Trend Micro's TrendLabs, a 700-person security-threat-management lab created by the vendor. This association enables Cisco IPS solutions, routers and switches to prevent the spread of threats before they reach the network core.

ICS also enables customers to better coordinate their network's response to outbreaks. The company is providing an implementation service from Cisco Advanced Services, which provides customers deploying Cisco ICS with advanced preparation, design and deployment support.

Thurber says partners will be able to add in their own services as well.

"These tools provide very exciting partner opportunities for services engagements," he says. "We'll be working immediately with partners to help train them on the technology, and plan which services they want to create."

Also announced on Tuesday are distributed threat mitigation for Cisco IPS, a new outbreak-prevention solution that integrates and coordinates responses to locally occurring threats. The service is enabled by enhancements to the Cisco Security Monitoring, Analysis and Response System (CS-MARS) version 4.1.

New versions of the Cisco IPS 5.1 and Cisco IOS Software Release 12.4(4)T provide improved outbreak-prevention capabilities with advanced threat mitigation and protection services. The Cisco IPS version 5.1 offers support for up to 255 Virtual LANs (VLANs) on a single interface and delivers multigigabit, nonstop intrusion prevention through EtherChannel load balancing. Other new capabilities include traffic rate limiting with Cisco switches and routers, allowing customers to have more control over network traffic and expanded protocol support. Centralized management of all Cisco IPS solutions that support IPS version 5.1 is also available for added operational efficiency.

Cisco partners say they're pleased with how the new announcements knit together the SDN architecture.

"Up to now, the whole SDN had silos of solutions, and you had to piecemeal together everything in between," says Chris Vincent, vice president of sales and marketing for Global Data Systems, a solution provider in Lafayette, La. "We've finally gotten to a point where we have a solution from the core to the edge."

He says GDS will be able to use the new products to expand its security presence with all its clients.

"This gives us an opportunity to create quite a few managed services around it," Vincent says. "We can compile services around implementation and design and elevate our annuity and subscription-based services as well."

Cisco IPS 5.1 is available now. Cisco ICS and Distributed Threat Management will ship in October, and the IOS software release will be available in November.