Cisco's Self-Defending Network Strategy Takes A Step Forward

Cisco advances a portfolio of products under its "Adaptive Threat Defense," though companies are likely to stick with a range of vendors.



As part of its self-defending network security effort, Cisco Systems this week introduced a range of network appliances, software enhancements, and services designed to help business networks better identify and more quickly respond to security threats. The so-called Adaptive Threat Defense products aim to provide broader protection by taking a multilayer approach to network security.

The Cisco products will help network managers impose greater control on the way their networks are used and make it easier to fight off threats. But while the broad product rollout may pose a competitive threat to rival security vendors such as Symantec and McAfee, it doesn't eliminate the need for individual security products that most businesses already have deployed, according to analysts and customers.

"Cisco is offering some pretty powerful things for fighting well-known security threats, like known worms and viruses," says Gartner analyst John Pescatore. "But there are new threats coming along all the time, so companies will still need security products to block threats that are external to the network."

The products include an upgraded intrusion-prevention system, modules designed to spot anomalous behavior on the network that might indicate a distributed denial-of-service attack is under way, software to enforce security policies and protect against spyware and malware, several appliances that monitor and inspect traffic flowing over a network, a virtual firewall, and a network control-and-containment system to let administrators more easily monitor and manage network activity and threats.

Chris Fairbanks, principal network architect for ePlus Inc., which provides asset management and E-procurement systems for businesses, has been using or testing several of the new products. Cisco's approach to building greater security capabilities into its network products "is making our lives easier by trying to prevent outages before they happen," he says. "They make sure machines aren't infected before they connect to the network and stop and contain viruses if they do get in."

Cisco's centralized monitoring, analysis, and response system, known as Mars, makes it easier to watch over all of the security devices ePlus has deployed. "It provides a single point of view so I can see exactly what's going on," he says. "You can't put a price tag on that."

Cisco's security products don't replace network firewalls or antivirus software on PCs, but they do provide protection for the "inside" of the network, he says. "Everything in the middle was wide open, and the self-defending approach helps a great deal in that area." Fairbanks says those capabilities are especially useful if an unhappy employee or a hacker gains access to the network and then tries to cause mischief.

Cisco's efforts to build more security features into its networking equipment and Microsoft's efforts to make its operating systems more secure could put pricing pressure on other security vendors, says analyst Pescatore. "Neither company is dependent on security products for revenue."

Cisco's products, however, don't solve one of the major security problems that many business faces: employees improperly configuring servers, routers, and switches. "If your people are the source of the problem, they will end up misconfiguring the security stuff also," he says. "So there will still be a need for separate security layer to catch when people make mistakes."

The new Cisco products include:

  • Version 5.0 of its intrusion-prevention system, which includes in-line prevention services and antivirus, anti-spyware, and worm-mitigation capabilities. Customers with service contracts can get the software for free; others will pay $5,700.

  • An anomaly-guard module and a traffic anomaly-detector module for the Catalyst 6500 series of switches and 7600 series of routers, which are designed to protect networks against zero-day distributed-denial-of-service attacks. The guard module costs $80,000; the traffic module costs $35,000.

  • An upgraded Cicso Security Agent, which provides improved anti-spyware and anti-malware protection as well as support for Windows and Red Hat Linux. Prices start at $1,050.

  • Upgraded PIX Security Appliance software that inspects and controls a wide range of voice, IP, and HTTP network traffic. The software is free for existing customers with service contracts; prices start at $250 for others.

    • We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
    Comment  | 
    Email This  | 
    Print  | 
    RSS
    More Insights
    Webcasts
    More Webcasts
    White Papers
    More White Papers
    Reports
    More Reports
    Copyright © 2021 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service