A buildup in network menaces has prompted Cisco Systems Inc. to wage an all-out war by developing a new program that the company said will do more to protect computer networks than intrusion detection systems and firewalls.
John Chambers, president and CEO of Cisco, outlined the company’s latest strategy last month. Called the Cisco Network Admissions Control (NAC) program, Chambers said the idea is to prevent incidents like the recent Blaster and Slammer worms by scanning devices when they attempt to connect to a corporate network.
Developed in conjunction with antivirus vendors Network Associates Inc., Symantec Corp. and Trend Micro Inc., Cisco said the initiative will tackle the risks posed by mobile and remote workers who connect to corporate networks.
The NAC essentially detects non-compliant devices – those that may harbour viruses – and denies network access or quarantines the device until the network administrator can correct the problem. According to Charles Giancarlo, a senior vice-president with Cisco, the NAC’s underlying technology – Trust Agent – is installed on laptops, home PCs and mobile devices that connect to corporate networks. Trust Agent determines certain levels of security, such as whether a device has been recently patched or has the latest virus recognition files.
“The explosion of wireless, mobile devices and pagers has made the corporation much more vulnerable to attack,” said George Samenuk, CEO of Network Associates.
“We need automated and proactive solutions that can defend against threats like viruses immediately when they occur,” Chambers said.
Network Associates, Symantec and Trend Micro have licensed the Trust Agent software from Cisco and will be integrating it into their own software clients, Cisco said.
For investment firms like New York-based Morgan Stanley Individual Investor Group, keeping assets and strategic information safe is a critical task. According to Lance Braunstein, chief information security officer with the financial services firm, Cisco’s strategy will essentially enable Morgan Stanley to apply consistent security policies to machines that access the company’s network.
The program marks a shift in tactics for addressing threats, according to Chris Christiansen, an analyst at Framingham, Mass.-based IDC. “There’s a recognition that the network is the true destination of the attack and that routers and switches need to have the ability to protect the network,” Christiansen said.
Cisco expects the first NAC rollout by mid-next year, but said it plans to roll out the program in-house now.