Cisco backtracks on IOS security availability

After announcing a number of security enhancements to its IOS software, Cisco Systems Inc. issued an alert on Friday that said some of those features will not be available until well into 2003, contrary to the company’s earlier claims.

The about-face came in the wake of a Nov. 19 press release from the San Jose-based networking giant that highlighted new hardware and software to improve the performance of virtual private networks (VPNs). In the announcement was news of “new advanced security services within Cisco IOS Software.”

IOS is the network systems software used in most Cisco hardware products.

The new software features include stateful firewall and intrusion detection features for IOS, according to the announcement.

Also mentioned in the announcement were improved quality of service (QoS) features for VPNs, as well as support for new Internet Protocol Security (IPSec) services such as integrated support of Advanced Encryption Standard (AES), Dynamic Multipoint VPNs and Network Address Translation (NAT) transparency.

IPSec is an Internet security standard that is commonly used in deploying VPNs.

The new IOS software features were to be available immediately for a variety of platforms that run IOS, ranging from the company’s 800 series routers to its 7000 series routers, according to Cisco’s Nov. 19 announcement.

However, a media alert posted on Cisco’s Web site on Friday stated that, although those features were available on “select Cisco platforms,” they would not be available on the 800 through 7000 series routers until the first or second quarters of 2003.

Cisco did not clarify what was meant by “select Cisco platforms,” nor did it list router platforms on which the new IOS software features were currently supported.

Although Cisco did not provide any firm dates for the release, the company said in its alert that the IPSec enhancements would be “available across a broader set of platforms” in the second quarter of 2003.

The inline stateful firewall and intrusion detection features for IOS would be available in the first quarter of the 2003, according to Cisco.

An updated version of the Nov. 19 announcement posted on Cisco’s Web site said simply that the new features “will be available in a phased manner over the next few months across the Cisco 800 to 7000 series routers.”

Cisco could not immediately be reached for comment.