Cisco Unveils Adaptive Threat Defense

The products, slated to launch Tuesday at the RSA Conference in San Francisco, span the gamut from desktop-level to switch-level security. They share a common framework: a new approach called Adaptive Threat Defense that simplifies architectural designs and enables tighter control of security devices in the Cisco line.

According to Jayshree Ullal, senior vice president of the San Jose, Calif.-based vendor's security technology group, the new products will fall into three categories: Anti-X Defenses, Application Security, and Network Control and Containment.

"All of these products are under the rubric of providing even more security up and down the network infrastructure," she said. "With them we are one step closer to the goal of a self-defending network."

Topping the new product list is the new Cisco IPS version 5.0, part of the vendor's IPS 4200 series of appliances. This product, which competes with security products from anti-virus vendors such as Symantec, Cupertino, Calif., and McAfee, Santa Clara, Calif., will deliver in-line prevention services with new network anti-virus, anti-spyware and worm mitigation capabilities.

The product is free under existing service contracts; otherwise pricing starts at $5,700.

In conjunction with the new IPS tools, the Cisco Anomaly Guard Module and Cisco Traffic Anomaly Detector Module for the Catalyst 6500 series switches and 7600 series routers will offer new switch-integrated multi-gigabit protection of network resources against zero-day Distributed Denial of Service (DDoS) attacks. The blades will incorporate technology Cisco gained when it acquired Riverhead Networks in March 2004.

Pricing for the traffic anomaly module starts at $35,000; the anomaly guard module retails for $80,000.

What's more, with improvements to the Cisco Security Agent version 4.5, the vendor also will extend similar functionality to individual workstations. The new version incorporates technology that Cisco gained when it acquired Okena in January 2003.

Pricing for the new CSA varies by user, but a new server license starts at $1,050.

These technologies also incorporate endpoint security technology in line with Cisco's Network Admission Control (NAC) initiative, a framework that assesses how well remote users comply with security policy, quarantines them until they comply, and pushes necessary anti-virus technology to those that are not up to snuff.

"We're adding functions to do a more detailed inventory of applications on a network," said Richard Palmer, vice president and general manager of the security technology group. "With this technology, customers can be sure that all endpoints are up to policy."

Other major enhancements surround the Cisco VPN 3000 Concentrator version 4.7, which will incorporate technology Cisco gained when it acquired Twingo Systems in March 2004. The product is free under existing service contracts; otherwise pricing starts at $495.

This new product will add a new SSL VPN tunneling client to provide secure access to applications with appropriate endpoint and malware protection. Cisco's current offering supports Web-based applications, but the new version will allow users to access other applications, such as e-mail residing on a corporate mail server.

The new features will allow remote workers to use Web browsers to connect back to their home network instead of using pre-installed IPSec clients as they had in the past. With this capability, Cisco essentially is playing catch-up; big-time competitors such as Juniper Networks, Sunnyvale, Calif., and Aventail, Seattle, as well as smaller companies such as AEP Systems, Raleigh, N.C., have offered this functionality for months.

Cisco's new PIX Security Appliance Software version 7.0 will address VoIP security by improving the product's protection of VoIP. Ullal said that a new version of the company's IOS -- version 12.3 -- also will enable many of these new security features to run on its switches and routers.

"This is an example of how firewalls are not firewalls anymore but really application firewalls," said Ullal. "By looking at not just the packet but the flow of traffic, we can extend security out to the application level."

The new PIX software is free under existing service contracts; otherwise pricing starts at $250.

Lastly, the company will unveil the Cisco Security Monitoring, Analysis and Response System (CS-MARS), a new product that incorporates technology gained when Cisco acquired Protego in December 2004. This product, along with the new Cisco Security Auditor, will extend the concept of multiple device management by examining configurations on routers and switches, and allowing customers to validate the security of their infrastructures against predefined security checklists.

According to Palmer, because the MARS product comes in a series of appliances that start at $15,000, it is perfect for solution providers who serve the small- and medium-sized business market.

"There isn't a better product for SMBs than this one," he said. "This goes beyond configuration to access threat management."

Pricing for the Cisco Security Auditor starts at $8,000.