San Francisco — Cisco Systems Inc. released ten security products at the annual RSA Conference last month aimed at extending the firm’s defense technologies to the upper layers of enterprise networks.
The products are part of Cisco’s latest phase of its so-called Self-Defending Network strategy, a wide-ranging set of products that aims to give IT departments a greater ability to manage security risk and prevent the likes of viruses, malware and spam from crippling business systems and network applications.
Cisco’s concept of addressing security problems not only at the lower, physical layers of the network but also at the higher, more application-oriented ones is part of the firm’s Adaptive Threat Defense (ATD) strategy.
ATD is a piece of Cisco’s Self-Defending Network push. Some of the main releases include: the Cisco intrusion Prevention System (IPS) version 5, services which aim to assist and work alongside what Cisco terms Anti-X defenses: antivirus, anti-spyware and worm-mitigation capabilities; the Cisco PIX Security Appliance Software version 7.0, which offers inspection of HTTP, voice and IP-based applications traversing the network; and the Cisco Security Monitoring, Analysis and Response System, (CS-MARS), which offers network security event correlation and policy auditing. Richard Palmer, vice-president and general manager, VPN and security for Cisco, touted the ease of manageability of the new products.
In the Cisco Security Auditor (CSA) offering, for instance, IT managers can have the product itself examine the network and recommend what kinds of security parameters should be established to serve up an appropriate level of defense.
“We provide very specific recommendations on what you should do where and when as opposed to (an attitude of), ‘Here’s the knob, you figure it out.’ In some cases we provide a rich set of default parameter settings, so the CSA comes with a default rules set that basically allows you, out of the box, to be protected against all the various threats,” Palmer said. “We also have a profiling mechanism, where you put CSA in, you turn on the profiling mechanism, and it will profile what normal behaviour is (on your network.)”
Palmer said IT shops that subscribe to Cisco’s overall security strategy will “be able to take deep breaths” while those that survive by patching will feel overwhelmed by the many elements that constantly threaten to bring down networks.
Many of those elements were hot topics of discussion throughout the RSA Conference, including the opening keynote delivered by Microsoft Chairman and Chief Software Developer Bill Gates. He said that 75 per cent of all security problems affecting IT are occurring at the application level. On a more positive note, Gates announced that some anti-spyware capabilities would be made available for free to Windows users this year, and added that such capabilities might be built into operating system releases in the future.
One analyst attending the show said that customers are feeling the negative effects of security threats, especially the financial services sector.
“Banks are knowing they have to do more about (the problems involved with user authentication),” said Avivah Litan, security analyst with Gartner Group. “They are very sensitive to fraud losses. They’re not talking about it but they are feeling the pain of it.”
By end of 2007, three quarters of banks will be using something stronger than mere passwords to get users to identify who they are, the analyst predicted.
She also said that a big part of the overall security challenge is that hackers will always take the easiest route when looking to cause havoc; staying on top of every potential outlet of exploitation is a tall task.
“Credit card fraud has always been the biggest problem, but the crooks are looking for the path of least resistance. For instance, checking accounts haven’t kept up with the strong defenses that have grown up around credit cards,” and are therefore representing a fresh opportunity for theft.