Cisco Revamps Security-Management Offerings

Cisco Systems is taking a big step to ease the management of its security equipment--and that of other vendors, as well. This week, the company is releasing its Cisco Security Management Suite (CSMS), an integrated security-event manager that includes the new Cisco Security Manager, and a revamped Cisco Security Monitoring, Analysis, and Response System (MARS). Cisco has also enhanced the SSL VPN and antimalware capabilities of its ASA 5500 security appliance.

The rollouts aim to help Cisco partners and customers reduce the management overhead of its gear, says Gale Yocom, president of Dallas-based security specialist Covetrix. CSMS' ability to accept security-related information from multiple security applications and networking equipment--including firewalls, routers, VPNs and intrusion-prevention systems--from Cisco and non-Cisco vendors is significant.

"The security market is full of point products, and the management of these products is only getting more complex," Yocom says, adding that CSMS gives users the ability to spot and manage risk, and maintain regulatory compliance, more efficiently and cost effectively.

"CSMS is a very interesting platform," says Joel Conover, principal analyst for Current Analysis, an enterprise infrastructure market research firm. "It's built from the ground up to provide integration between its various components."

Sponsored post

Conover says CSMS is the next generation of VPN and security-management software from Cisco.

"This is Cisco's foundation to integrate configuration management, policy management and event management," he says.

Initially, Cisco viewed CSMS as an enterprise-class product, says Alex Thurber, director of security worldwide channels for Cisco.

"But the midtier market is very concerned about the security posture of their networks, and they don't always have the large staff typically required to manage everything," he says.

Antimalware capabilities in CSC-SSM (Cisco's Content Security and Control software) for the ASA 5500 appliance now include e-mail and Web-traffic antivirus, antispyware, content filtering, access control and other security capabilities into what Cisco is calling the "threat-protected VPN." Conover says the appliance's enhanced security and VPN capabilities should also help companies reduce operational costs through the combination of SSL and IPsec-based VPNs, load balancing, stateful failover and other capabilities.

"There's a lot in this box," Yocom says.