RSA: New Network Aims to Reel in the Phishes
Today Cisco formally announced a slew of new products and services produced under its Adaptive Threat Defense (ATD) framework, which Cisco describes as "the next phase" of its Self-Defending Network strategy.
The announcements represented some of the most dramatic advances in Cisco's product line since late 2003, when the company rolled out its Network Admission Control (NAC) program, and its largest launch in several years. They also indicate increased competition with more traditional security companies, such as McAfee and Symantec, as the company leverages the breadth of its product portfolio.
The Anti-X layer of ATD is designed to use firewall, intrusion prevention system, anomaly detection, and distributed denial of service (DDoS) mitigation technologies in conjunction with anti-malware services and URL filtering to preempt malicious network traffic before it spreads.
Anti-X duties are handled by several updates to existing Cisco offerings.
The company said its Intrusion Prevention System (IPS), which it updated to version 5.0 this week, now includes "new network anti-virus, anti-spyware and worm mitigation capabilities" in the Cisco IPS 4200 Series appliances and the Cisco Catalyst 6500 Series and 7600 Series Intrusion Detection System Module.
The Cisco Anomaly Guard Module and Cisco Traffic Anomaly Detector Module for Catalyst 6500 Series switches and 7600 Series routers were upgraded to version 4.0. Cisco says the new version introduces switch-integrated protection against DDoS attacks.
Cisco Security Agent (CSA) Version 4.5 was also released. The company says the new version offers malware/spyware protection, enhanced security state or "posture" assessment, location-based policy enforcement, and internationalization.
The application security layer of ATD provides access controls, application inspection, enforcement of application-user policies, web app control, and transaction privacy.
Upgrades in this area included the company's PIX Security Appliance Software Version 7.0, which the company said in its announcement "represents the largest feature release since its initial introduction."
The new version provides more inspection and control of Web traffic, as well as a Modular Policy Framework that grants net admins more control over individual apps and user traffic passing through firewalls. The company says benefits of the enhancements will include a dampening of the effects of bandwidth-hogging P2P traffic, and prevention of the problems posed by malicious users exploiting the effects of malformed packets.
IPS Version 5.0 and Cisco IOS Software Release 12.3(14)T were also announced, and include new application inspection and control aimed at providing better control of applications over port 80, and enhanced functionality in VoIP environments.
SSL VPN and Cisco Security Agent Get a Bump
Cisco also released Cisco Security Agent (CSA) 4.5. The new version of its desktop security software, introduced along with NAC in 2003, includes support for international Windows and Red Hat Linux, and increases integration with NAC, which provides a means to craft workstation access policies based on user credentials, physical location, or a given device's overall security posture.
Finally, the company added new capabilities to its SSL VPN, found in the VPN 3000 Concentrator Version 4.7. "Secure Desktop" functionality provides what Cisco refers to as "posture assessment" of connecting devices as well as post-connection clean-up that ensures no sensitive session information remains cached. It also includes a new dynamically downloadable SSL VPN client, which overcomes previous Web-app-only limitations and opens the VPN to use by most IP-based applications, including mail software. It also offers clientless support for Citrix users, removing the need for SSL VPN client software in Citrix environments.