3Com quarantines malicious traffic

3Com last month introduced software that uses switches as enforcement points to shut down attacks on business networks, making it possible for users to quarantine infected machines that propagate malicious code.

New software for the company’s TippingPoint Intrusion Prevention System lets the IPS intervene if individual machines violate security policies. The package requires no dedicated quarantine client on each device, which would require administration time to distribute, configure and maintain.

The new software can apply security policies to an IP device on the network including servers, desktops, PDAs, IP phones and printers. When devices log on to the network via 3Com’s automatic media access control (MAC)-based Radius Authenticated Device Access (RADA), it grants access to authorized virtual LANs and QoS on the network.

Other vendors are making similar efforts to block attacks and minimize any damage. Alcatel and third-party intrusion detection vendors team to use the company’s Automated Quarantine Engine in Alcatel switches. Nortel’s switches also support third-party intrusion-detection systems. Cisco’s Clean Access software imposes similar restrictions. Enterasys’ Automated Security Manager quarantines traffic via its switches.

The 3Com quarantine software works with any vendor’s switches, but 3Com says response time for taking enforcement action is faster with 3Com switches by a matter of seconds, but has no specific numbers to support the claim.

With 3Com’s gear, when a device connects to the network, its MAC address and IP address are logged, as well as the switch port where the device is connected. If the IPS identifies the device as generating malicious traffic, the TippingPoint IPS can trigger remedial action such as shutting down the switch port or redirecting the machine to a secure VLAN that displays a Web page explaining what has happened. For instance, the page might say the machine has been infected by a virus and to contact the help desk.

The software is an upgrade to current TippingPoint IPS and ships with new orders. 3Com also is announcing a new switch family, the 5500 series stackable switches, and the 7750 modular switch chassis.

The 5500 series includes both 10/100M bit/sec and Gigabit Ethernet models and comes with either 24 or 48 ports. The gigabit platform supports Power over Ethernet (PoE), as well as fibre connections.

The boxes come with two different software loads, standard and enhanced. The enhanced versions enable stacking eight of the switches rather than two and supports link aggregation to create larger logical links and to support redundancy.

The 7750 modular switch supports 48-port 10/100 or Gigabit Ethernet cards and comes in a four-slot and a seven-slot version. So the smaller version can deliver PoE to 144 ports and the larger to 288 ports. Described as a PoE update for the 3Com 7700 switch, it lacks a redundant management card, something that was available with the 7700.

3Com also is announcing upgrades to its Enterprise Management System that supports role-based access to management functions and logging of rules changes that can be used for auditing to meet regulatory requirements such as the Health Insurance Portability and Accountability Act and the Sarbanes-Oxley Act. The platform also supports improved integration with umbrella management systems such as Tivoli, OpenView and Unicenter, making it simpler to manage multiple thousands of devices.

The 10/100 models ship this month; the gigabit models ship in September. Non-PoE 10/100 switches range from US$2,500 to US$4,500, and from US$3,800 to US$6,500 for PoE.

QuickLink: 053593

Related links:

Networks need internal security to be truly safe from harm

McAfee releases VirusScan with intrusion prevention

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now