data, network, database

CISOs at small and medium-sized businesses can be excused for thinking large enterprises get all the attention when it come to vendors crafting new security products and services.

Not always. Cisco Systems  announced Tuesday a Threat Awareness Service tailored for SMBs that gives more visibility into suspicious network behaviour.

To get it the customer has to subscribe to Cisco’s SmartNet Total Care support service. TAS comes free with, covering three domain names and three 256 IP addresses. It watches open services for exposed services and IP addresses for malicious activity. For an extra US$16 a month coverage is expanded to an unlimited number of domain names and IP addresses, and includes other features.

CP Morey, senior director of Cisco security product and solutions marketing, noted in an interview that half of attacks are on organizations with fewer than 2,500 employees.

TAW doesn’t enforce of company IT security policies, he emphasized, but is best used for assessment. “Use it as a check-up to see whether or not there’s problems despite the fact you have (other) security technologies deployed.”

It was one of a number of announcements Cisco made as it continues to hone its security portfolio:

Cisco Web Security, a software as a service offering, now gives IT greater visibility into employee use of cloud services such as DropBox. As announced earlier this year, Cisco is partnering with cloud security brokers SkyHigh Networks and Elastica to give CWS subscribers access to those two companies’ capabilities. These prevent the uploading of sensitive information and inappropriate sharing of data in the applications, to limit data exposure breaches.

The capability is sold as Cloud Access Security.

Pricing was not announced.

Identity Services Engine, automates context-aware access to network resources is now in version 2.0. Among the new capabilities is integration with Cisco’s separately-sold Mobility Services Engine, a platform that uses Wi-Fi to increase visibility into the network, deploy location-based mobile services.

With the integration CISOs can link network access to a user’s location. For example, a doctor in a hospital can have access to patient data in the ER or in a ward, but not when in a hallway or a lab.

Mobility Services Engine can locate any Wi-Fi device in a venue, including smartphones and tablets, Wi-Fi tags, and Wi-Fi interferers. The location data can be exported to other applications, including mobile applications using representational state transfer (REST) APIs. The engine can also locate Bluetooth low-energy (BLE) beacons and alert the user if beacons have been removed or misplaced

Expect Cisco [Nasdaq: CSCO] channel partners to start offering integration services.

— AnyConnect, Cisco’s virtual private network client is now updated to version 4.2. Among the capabilities is a new optional Network Visibility Module that pulls NetFlow and contextual data of users, applications, devices, locations, and destinations to give infosec pros more network visibility.

Morey said the data could be used by Lancope Inc.’s StealthWatch system, which identifies suspicious network traffic. Last week Cisco announced it will by Lancope.

To get the module organizations have to buy the premium APEX licence for AnyConnect.