Cisco Systems has continued its recent security push with several new products designed to better protect Cisco networks and an acquisition geared towards enhancing the company's SSL-based remote-access VPN equipment.
The security enhancements include new features in Cisco IOS in addition to the new products.
IOS Software Release 12.3T includes the Cisco IP Source Tracker, a "transparent" firewall and support for extended SMTP.
The IP Source Tracker is designed to help networks withstand Denial of Service (DoS) attacks, said Scott Pope, manager of security platforms in Cisco's VPN and security business unit.
When companies see a DoS attack emerging, they can turn on the source tracker on the router nearest the threatened application server.
The source tracker collects per-interface statistics for traffic addressed to the target and lets staff trace that traffic hop by hop through the network to find out where it is entering, Pope said. Once IT staff have identified the ingress point of the DoS traffic, they can rate-limit it or shut it down entirely.
"With the IP Source Tracker, people can now do this in five minutes or so, instead of spending an hour or more," Pope said.
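The workflow Pope describes, written out as IOS configuration, is an added illustration for this article and not Cisco's own example. The addresses (10.1.1.10, the tracked server), the interface name (Serial0/0), the ACL number, the class and policy names and the police rate are all assumptions chosen for the example; the `ip source-track` and `show ip source-track` commands are the IOS 12.3T feature the text refers to.

```text
! Added illustration (not from the article): IP Source Tracker workflow.
! Addresses, interface names, ACL numbers, policy names and rates are assumed.
!
! Step 1: on the router nearest the attacked server (10.1.1.10, assumed),
! start tracking traffic destined to it. Tracking is keyed on the destination,
! so it still works when the attack sources are spoofed.
configure terminal
 ip source-track 10.1.1.10
 ip source-track address-limit 10
 ip source-track syslog-interval 5
end
!
! Step 2: after a few minutes, read the per-interface counters for the
! tracked destination to see which interface the flood arrives on.
show ip source-track 10.1.1.10
show ip source-track summary
!
! Step 3: repeat on the upstream neighbour behind that interface until the
! ingress edge is found, then rate-limit (or drop) the traffic there.
configure terminal
 access-list 120 permit ip any host 10.1.1.10
 class-map match-all DOS-TO-APP-SERVER
  match access-group 120
 policy-map LIMIT-DOS
  class DOS-TO-APP-SERVER
   police 128000 8000 8000 conform-action transmit exceed-action drop
 interface Serial0/0
  service-policy input LIMIT-DOS
end
!
! Step 4: stop tracking once the incident is over; it consumes router memory.
configure terminal
 no ip source-track 10.1.1.10
end
```

The point of step 3 is that the tracker tells you which interface, not which source address, the traffic came in on, so the rate limit is applied on the ingress interface closest to the attacker rather than on the victim's router, where the legitimate traffic would be squeezed along with the flood.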
The transparent firewall feature allows the firewall built into IOS to do access control and filtering based on Layer 2 (Ethernet MAC address) information rather than only on IP addresses. This allows customers to segment the network into "trust" zones.
"For example, someone coming in by wireless LAN would have more stringent requirements," Pope said. "You could control the servers they can get to. Instead of having to know the IP addresses for those individual people using the wireless LAN and doing the access control policy that way, you could have any traffic coming in over the MAC address or Ethernet address on the wireless LAN access point have the tighter security policies."
The IOS firewall now includes support for IPv6, allowing it to inspect both IPv4 and IPv6 traffic. It also supports Extended SMTP (ESMTP), giving customers better packet inspection capabilities on their mail traffic.
Finally, Cisco has built a couple of new safeguards into the latest IOS version. A control plane policing feature rate-limits traffic addressed to the router itself, protecting its CPU and memory so that network managers can still reach the router even while it is under a DoS attack. A role-based command-line interface (CLI) feature lets companies define which commands each administrative role may run, so the chances of a staff member misconfiguring a security setting are reduced.
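The two router-protection features named above, control plane policing and a role-based CLI view, shown as IOS configuration. This is an added illustration for this article, not Cisco's own example: the management subnet (192.0.2.0/24), ACL number, class and policy names, police rates, view name (SECOPS) and view password are assumptions; the `control-plane` / `service-policy` and `parser view` commands are the IOS features the text refers to.

```text
! Added illustration (not from the article): control plane policing and a
! role-based CLI view. Subnets, ACL numbers, names, rates and the view
! password are assumptions for the example.
!
! Control plane policing: classify traffic addressed to the router itself and
! police it so that a flood cannot starve the CPU of management cycles.
configure terminal
 ! SSH from the management network (192.0.2.0/24, assumed) gets its own budget.
 access-list 130 permit tcp 192.0.2.0 0.0.0.255 any eq 22
 class-map match-all COPP-MGMT
  match access-group 130
 policy-map COPP
  class COPP-MGMT
   police 256000 16000 16000 conform-action transmit exceed-action drop
  class class-default
   police 32000 2000 2000 conform-action transmit exceed-action drop
 control-plane
  service-policy input COPP
end
! Per-class conform/exceed counters show what the policy is actually dropping.
show policy-map control-plane
!
! Role-based CLI: a view that can run the source-tracker commands and read
! state, but cannot change interfaces, routing or access lists.
configure terminal
 aaa new-model
end
! enable view enters the root view; it prompts for the existing enable secret.
enable view
configure terminal
 parser view SECOPS
  secret 0 ChangeMe123
  commands exec include show ip source-track
  commands exec include show policy-map
  commands exec include configure terminal
  commands configure include ip source-track
 exit
end
```

Two caveats a practitioner would want: the `class-default` police rate above is deliberately tight for illustration and in a real deployment routing-protocol and other trusted control traffic would be classified separately and the rates set only after measuring normal load, otherwise CoPP itself becomes the outage; and `enable view` requires both `aaa new-model` and an enable secret to already be configured, so it should be set up before an incident rather than during one.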
Cisco's acquisition of privately held Twingo Systems in March for $US5 million also had a security theme. Twingo makes SSL VPN products for desktops. Cisco plans to incorporate Twingo's Virtual Secure Desktop into Cisco's WebVPN product, beginning with Cisco's VPN 3000 Concentrator series.
Twingo's product appealed to Cisco because it wipes out sensitive data such as temporary files, history files, caches and cookies at the end of an SSL VPN session, so that the remote machine, which the enterprise does not control, retains nothing from the session.
Cisco, as the pre-eminent supplier of enterprise network equipment, is in a good position to integrate security at the network level, said Jeff Wilson, director of Infonetics Research.
"Cisco really is the only vendor that can take this position, because they not only offer the security products but the network equipment as well," he said.
But there are caveats. Since Cisco is trying to be a one-stop shop, its technologies may not always measure up to products from more specialised vendors.
"A lot of companies that sell stand-alone products would take issue with the quality of the individual (security) components that Cisco has," Wilson said.
Over the long term, Cisco is also going to have to address issues such as Web services and application-level security, he said.