As part of its self-defending network security effort, Cisco Systems this week introduced a range of network appliances, software enhancements, and services designed to help business networks better identify and more quickly respond to security threats. The so-called Adaptive Threat Defense products aim to provide broader protection by taking a multilayer approach to network security.
The Cisco products will help network managers impose greater control on the way their networks are used and make it easier to fight off threats. But while the broad product rollout may pose a competitive threat to rival security vendors such as Symantec and McAfee, it doesn't eliminate the need for individual security products that most businesses already have deployed, according to analysts and customers.
"Cisco is offering some pretty powerful things for fighting well-known security threats, like known worms and viruses," says Gartner analyst John Pescatore. "But there are new threats coming along all the time, so companies will still need security products to block threats that are external to the network."
The products include an upgraded intrusion-prevention system, modules designed to spot anomalous behavior on the network that might indicate a distributed denial-of-service attack is under way, software to enforce security policies and protect against spyware and malware, several appliances that monitor and inspect traffic flowing over a network, a virtual firewall, and a network control-and-containment system to let administrators more easily monitor and manage network activity and threats.
Chris Fairbanks, principal network architect for ePlus Inc., which provides asset management and E-procurement systems for businesses, has been using or testing several of the new products. Cisco's approach to building greater security capabilities into its network products "is making our lives easier by trying to prevent outages before they happen," he says. "They make sure machines aren't infected before they connect to the network and stop and contain viruses if they do get in."
Cisco's centralized monitoring, analysis, and response system, known as Mars, makes it easier to watch over all of the security devices ePlus has deployed. "It provides a single point of view so I can see exactly what's going on," he says. "You can't put a price tag on that."
Cisco's security products don't replace network firewalls or antivirus software on PCs, but they do provide protection for the "inside" of the network, he says. "Everything in the middle was wide open, and the self-defending approach helps a great deal in that area." Fairbanks says those capabilities are especially useful if an unhappy employee or a hacker gains access to the network and then tries to cause mischief.
Cisco's efforts to build more security features into its networking equipment and Microsoft's efforts to make its operating systems more secure could put pricing pressure on other security vendors, says analyst Pescatore. "Neither company is dependent on security products for revenue."
Cisco's products, however, don't solve one of the major security problems that many business faces: employees improperly configuring servers, routers, and switches. "If your people are the source of the problem, they will end up misconfiguring the security stuff also," he says. "So there will still be a need for separate security layer to catch when people make mistakes."
The new Cisco products include: