Cisco Raises Self-Defending Network's Power to a New Level
New Releases Boost Integrated, Collaborative and Adaptive Security Across Networks For More Efficient - and Intelligent - Protection
SAN JOSE, Calif. - February 5, 2007 - Cisco® today announced significant new capabilities for enhanced collaboration among several products and services in its security portfolio, simplifying the ability for organizations to control and contain information security threats in a more coordinated, flexible fashion across networks while streamlining management and protecting confidential communications to remote users.
The collective enhancements involve Cisco's Intrusion Prevention System (IPS), Cisco Security Agent (CSA), Cisco Security Mitigation Analysis and Response System (CS-MARS), Cisco Security Manager (CSM) and Cisco's Secure Sockets Layer virtual private network (SSL VPN). Together, the enhancements mark the latest evolution of Cisco's Self-Defending Network - a comprehensive framework incorporating various endpoint and network security products into an integrated, collaborative and adaptive security solution for organizations of all sizes.
According to Mick Scully, vice president of product management for Cisco's security business, the increasing danger of information security threats - both from their profit motive and impact to productivity - make collaborative threat control and protection of confidential communications more than just an IT requirement. It's a mission-critical business requirement.
"As organizations become more distributed, traditional approaches to network security must give way to more progressive requirements," Scully said. "Organizations can't rely on standalone or one-dimensional security products anymore. They need to unify individual security components - from network and endpoint devices to centralized analysis and management tools - into an integrated security system. That system should constantly coordinate protection wherever threats extend. Collaborative security allows organizations to extend network availability, share information and improve operational efficiency with greater peace of mind."
Collaborative Threat Control: Securing the Whole Network
Cisco's enhanced security portfolio includes Cisco IPS 6.0, CSA 5.2, CS-MARS 4.3, and CSM 3.1 - four products that combine to coordinate visibility, network-wide protection, simplified policy management and dynamic threat mitigation in order to maintain business continuity. These releases strengthen Cisco's approach to coordinated defense by extending beyond the typical standalone nature of these product classes and establishing a vital relationship between the network and its endpoints. This helps ensure that all potential entry points can be protected in a coordinated fashion.
For example, information-sharing between IPS 6.0 and CSA 5.2 minimizes false positives and helps enable IPS appliances to block threats before they proliferate. IPS 6.0 also features adaptive "day zero" anomaly detection and behavioral analysis that identify worms and other malicious activity by searching for suspect network traffic patterns, and it integrates with third-party scanners to enrich threat analysis used to take protective actions. Other adaptive features include the ability to dynamically adjust "risk ratings" based on attack relevance and to deploy automated event and action filters that correspond to specific operating systems.
"The sophistication and coordination inherent in Cisco's IPS 6.0 provide an intelligent, enterprise-wide threat-control solution that paves the way for greater productivity," said Tami Martin, intrusion detection system engineer for Argonne Labs. "Collaborative security systems allow operations to proceed fluidly, regardless of threat conditions outside our walls. That's a refreshing thought. At the end of the day, Cisco gives us more than just a productivity advantage. It gives us a competitive advantage - secured business operations."
The enhanced security collaboration also extends to new quality of service (QoS) and wireless controls in CSA 5.2. For example, CSA 5.2 enables policies for mobile endpoints like laptops to restrict ad hoc service system identifiers and encryption methods and to require secured VPN connections from out-of-office locations. Together these new policies help businesses protect increasingly mobile workforces.
With tight coordination between IPS 6.0 and CSA 5.2, network-wide threat activity is conveyed to CS-MARS, which aggregates information within a single appliance. It conducts sophisticated network behavioral analysis and, after understanding the threat landscape, coordinates with CSM 3.1, which applies appropriate changes to policies across the enterprise.
"What you have is network-wide threat intelligence gleaned from systems and devices that talk together and coordinate protection end to end," Scully said. "It allows customers to identify various threats - policy violations, vulnerabilities, exploits, and anomalous behavior - and simplify management of their threat-control systems. Collaborative intelligence enables simplified, cost-effective control, resulting in adaptive response to real-time threats."
"Collaboration is the key requirement for our security strategy, and Cisco's system approach to collaborative security is unparalleled in the marketplace," said Carl Goodman, information services manager for California-based Premier Valley Bank. "We rely on Cisco's collaborative security solutions to coordinate protection across our business. We rely on the managed IT services provider HEIT Consulting as a strategic partner to bring this to life. Together with Cisco and HEIT, we're able to secure our internal operations, protect our customers and comply with industry regulations. Simply put, Cisco and HEIT alleviate much of our stress around security."
SSL VPN Enhancements Within Cisco ASA Strengthen Remote Access Security
In addition to its advances in collaborative threat-control, Cisco announced a new wave of SSL VPN enhancements to the software that drives its Adaptive Security Appliance (ASA) family of products, which offer integrated firewall, IPS, anti-malware, and VPN functionality. The latest ASA 8.0 software raises the bar for SSL VPN solutions, complementing Cisco's proven IPsec solutions with features that lower IT's cost of ownership even as organizations become more distributed and their users more mobile and remote. ASA's SSL VPN updates include:
- Clientless VPN with enhanced portal design for highly customizable user experience including personalized bookmarks, RSS feeds, and localization support.
- Cisco's next-generation "AnyConnect" VPN client, with broader operating system support for Microsoft Vista and Windows, MAC OS X, and Linux.
- Mobile devices are supported today via clientless access, and a full Cisco AnyConnect client for Windows Mobile is planned.
- Optimized network access for voice over IP (VoIP) and other latency-sensitive traffic.
- Ability to create "smart tunnels" that provide policy-driven applications specific access without requiring administrative rights.
- Embedded Certificate Authority (CA) and additional user credential options simplify authentication.
- Direct mapping of Windows Active Directory membership to VPN access simplifies IT's security management by automatically granting users appropriate VPN permissions.
- Posture-assessment extensions adjust users' VPN permissions more efficiently.
- Intuitive management via ASA's Adaptive Security Device Manager, CSM 3.1.
"Capgemini opens up the knowledge of our entire organization to all of our employees, and Cisco's SSL VPN offering helps enable secure access to our mission-critical applications for thousands of consultants across customer sites," said Alex Zuiderwijk, network and security manager for Capgemini Netherlands. "Even on customer-managed PCs where access privileges are limited, we can offer our consultants customized access to essential network resources in a secure way."
Enhancements to Lifecycle Security Services Enrich Threat-Control Operations
Cisco Lifecycle Services maximize benefits of these collaborative enhancements by helping customers deploy solutions more efficiently. Cisco has introduced additional capabilities to its Security Services portfolio, including a new Security Center portal, Cisco Security IntelliShield Alert Manager Service, and Cisco IPS Signature Management Service.
The Security Center portal provides a central source of information on current security activity, guiding Cisco products and services to mitigate threats. Cisco IPS Signature subscriptions provide access to the Cisco Security IntelliShield Alert Manager's database to offer broad intelligence on IPS events. This enhancement, combined with an upcoming feature allowing customers to correlate IPS signatures to IntelliShield alert information, helps speed the remediation of potential attacks. In addition, the Cisco IPS Signature Management Service simplifies day-to-day operations of IPS devices by deploying and tuning signature updates as they become available.
About Cisco Systems
Cisco, (NASDAQ: CSCO), is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Information about Cisco can be found at http://www.cisco.com. For ongoing news, please go to http://newsroom.cisco.com.
Cisco, the Cisco logo, Cisco Systems, and the Cisco Systems logo are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.