Cisco aims to secure large and small enterprise nets

Cisco Systems Inc. unveiled several VPN and security products this week aimed at speeding up site-to-site VPNs, securing small and home office Internet connections and protecting Web servers from hackers.

Cisco’s latest products, which include VPN router acceleration cards and PIX firewall and intrusion detection software for Windows NT/2000 and Sun Solaris servers, could be used by enterprises to help lower the threat of viruses and worms. They could also help protect sensitive corporate data when sent over public networks.

The PIX 501 firewall is aimed at small and home offices. It supports up to 10 users and has an integrated four-port 10/100 Ethernet switch. The box also provides network address translation, support for triple data encryption standard (3DES) VPNs, plus packet inspecting capabilities.

Cisco’s SA-VAM and SM-VAM VPN acceleration cards work with the Cisco 7200 and 7100 routers respectively, and can provide 145M bit/sec throughput of 3DES VPN traffic. The cards also support 5,000 encrypted tunnels – up from previous 7200 and 7100 VPN acceleration speeds of 90M bit/sec 3DES and 2,000 tunnels. The SA-VAM card works only with Cisco 7100 routers, while the SM-VAM card fits in the 7100 and 7200 models.

The networking giant also added what it calls IDS Host Sensor and server agents to its lineup of VPN and security management software. The IDS Host Sensor agents can be installed on a Windows or Sun server to act as a watchdog for hack attacks on an Apache or Microsoft-based Web server.

According to Cisco, the software is able to identify traffic patterns that resemble viruses or hacker attacks on a server’s operating system and stops the activity before a server can be shut down or compromised.

Agents are managed from an IDS Host Sensor monitor application that can run on a separate server or workstation, which logs server attacks and updates server host agents with new hacker attack patterns or “signatures.”

The PIX 501 firewall starts at $700. Both VPN router acceleration modules for the Cisco 7100 and 7200 costs US$5,000. The IDS Host Sensor software can be purchased now as part of Cisco’s CiscoWorks VPN/Security Management Solution for $8,000, or a standalone system consisting of the IDS Host Sensor application for $5000, plus $1,750 to $2,150 per agent. All products are available now.