Chambers Outlines Next Step Toward Self-Defending Network

In a keynote speech at the RSA Conference in San Francisco Wednesday, Chambers outlined some of the San Jose, Calif.-based networking vendor's latest products in its Self-Defending Network strategy.

"Whatever you do has to be self-defending and cannot require human intervention," Chambers said. "It has to be one that focuses as much on process change as it does on IT change, and it has to anticipate where the IT industry is going three or five years down the road."

Less than 24 hours after Microsoft CEO Bill Gates and Symantec CEO John Thompson traded barbs on the same stage, Chambers took a more peaceful stance, delivering what Cisco sources said was his first product speech at a general-interest security event.

Cisco's new Self-Defending Network products, which run the gamut from desktop-level to switch-level security, share a common framework called Adaptive Threat Defense, which simplifies architectural designs and enables tighter control of Cisco security devices.

Topping the list of new products was Cisco IPS Version 5.0, which Chambers demonstrated on stage. The product, which competes with offerings from antivirus vendors such as Symantec and McAfee, delivers in-line prevention services with new network antivirus, antispyware and worm mitigation capabilities.

Chambers also unveiled the Cisco Security Monitoring, Analysis and Response System (CS-MARS), which incorporates technology from Cisco's acquisition of Protego in December 2004. CS-MARS, along with the new Cisco Security Auditor, is designed to extend the concept of multiple device management by examining configurations on routers and switches, as well as by allowing customers to validate the security of their infrastructure against predefined security checklists, he said.

"You can never completely eliminate all security issues, but you can eliminate the majority of them," Chambers said. "That is our goal--and to do it by integrating everything into one network."

Solution providers familiar with Cisco's new products said they bring technology closer to the ultimate goal of networks that defend themselves automatically.

Hart Rossman, assistant vice president and CTO at SAIC Integrated Security and Systems Solutions, said the Cisco strategy eventually will enable the Reston, Va.-based solution provider to offer customers networks that coordinate effective responses in real time to deal with well-known and zero-day exploits, as well as rapidly developed exploit permutations.

"This approach takes us one step further in the evolution of information assurance becoming a business enabler," Rossman said. "The closer our network elements can come to coordinating a response for routine exploits, the more effective the response and the more human 'bandwidth' left available to deal with truly novel attacks."

Other new products introduced by Cisco this week include PIX Security Appliance Software Version 7.0, which features improved VoIP protection, and the Cisco VPN 3000 Concentrator Version 4.7, which incorporates technology from Cisco's acquisition of Twingo Systems in March 2004.

The latter offering adds a new SSL VPN tunneling client to provide secure access to applications, with appropriate endpoint and malware protection, according to Cisco. The company's current offering supports Web-based applications, but the new version allows users to access other applications, such as e-mail residing on a corporate mail server. Competitors such as Juniper Networks and Aventail, as well as smaller companies such as AEP Systems, already offer that functionality.