SAN JOSE, Calif., February 18, 2003 - Cisco Systems, Inc. today unveiled an array of new intrusion protection and firewall extensions to its integrated security portfolio. These new platform and software enhancements underscore Cisco's integrated security strategy to tightly link network and security services for dynamic protection of business-critical applications and services.
Advancements in Intrusion Protection
Customers, increasingly challenged by false alarms, recognize the value of intrusion protection technology but have been reticent to adopt it broadly for fear of spending the majority of their time discerning false alarms from real attacks to their networks.
To address this challenge, Cisco® is introducing Cisco IDS Software Version 4.0, new Cisco Threat Response (CTR) technology, the Cisco IDS 4250-XL Sensor and Cisco Catalyst® 6500 Series Intrusion Detection System (IDSM-2) Services Module, and improved intrusion protection management. Together these products and technologies are designed to deliver:
- Accurate threat detection and mitigation: Cisco IDS Software Version 4.0 provides extended threat detection and classification capabilities, including stateful pattern recognition as well as protocol and traffic anomaly detection. This delivers advanced protocol monitoring, analysis and automated response capabilities for more accurate threat detection and attack mitigation. A new easy-to-use, flexible policy language gives customers' added customization and tuning.
- Intelligent and rapid threat response: Through Cisco Threat Response Technology (CTR), customers can reduce false alarms by up to 95 percent, escalate real attacks, and eliminate costly intrusions. CTR's unique intelligent threat investigation techniques conduct detailed, "just-in-time" system investigations, capturing forensic evidence, and automating the traditionally manual process of intrusion investigation for fast and cost-effective results.
- High-performance intrusion protection: Two new intrusion protection systems raise the performance bar for today's demanding network IDS sensing environments. The Cisco IDS 4250-XL Sensor delivers gigabit performance in a flexible configuration chassis, and the Catalyst 6500 IDSM-2 offers 600 Mbps of high-performance, network-integrated protection.
- Enhanced intrusion protection efficiency and reliability: Cisco IDS Software Version 4.0 provides a consistent software deployment across all network-based IDS platforms, including specialized appliances and switch security modules. New intrusion protection management capabilities reduce complexity and simplify operations giving customers access to unified security monitoring, including security event correlation and reporting, as well as comprehensive configuration capabilities. Together, this provides customers with network-wide administrative consistency and operational cost reductions.
"As the industry-leading content management and portal solution provider, Vignette appreciates the importance and value of accurate network threat investigation and mitigation to sustain business productivity," said Selim Nart, senior network engineer at Vignette. "Cisco's intrusion protection offerings are part of our ongoing initiatives to maximize network and business up-time."
Extensions to Market-Leading Cisco PIX Firewall Family
New Cisco PIX® Firewall software and hardware-based VPN acceleration capabilities extend Cisco's market leadership in offering high-performance, integrated security services for converged data, voice, and video environments.
New extensions include the Cisco PIX Firewall Software Version 6.3, VPN Acceleration Card+ (VAC+), and PIX Device Manager Version 3.0 (PDM), and provide customers the following:
- Increased availability, performance, and integration: Cisco PIX Firewall Software Version 6.3 incorporates new support for Open Shortest Path First (OSPF) routing and virtual LANs (VLANs), allowing full participation in load-balancing, fast-route convergence, and Layer 2 networking for increased availability, performance, and integration.
- Enhanced VPN performance and services: The VAC+ improves VPN performance by up to 400 percent and adds support for the Advanced Encryption Standard (AES) with up to 256-bit keys, setting a new price/performance bar for enterprise-class firewall solutions.
- Extending VoIP security leadership: The Cisco PIX Firewall now enables secure deployment of voice-over-IP (VoIP) and multimedia applications with new or enhanced support for eight VoIP protocols and facilitates secure distributed call-processing environments typically offered by service providers through the new Media Gateway Control Protocol (MGCP) standard.
- Increased security threat visibility and operational efficiency: PIX Device Manager (PDM) Version 3.0 provides improved security threat visibility through data gathering on tested or triggered security policies and log message management. Simplified remote management of Cisco PIX firewalls over VPN connections provides added efficiency and reduces total cost of ownership.
New enhancements to the Cisco PIX Easy VPN service provides a new level of device and user authentication and enhanced scalability with improved VPN resiliency when integrated with the Cisco VPN 3000 Series Concentrator. Together these new capabilities provide enhanced security, maximize VPN uptime, improve productivity and reduce operational costs.
"This announcement shows Cisco's commitment to delivering on their integrated security strategy," said Jeff Wilson, Executive Director of Infonetics Research Inc. "The combination of Cisco's security appliances with network-wide embedded security services, including intrusion protection and firewall technologies, offers customers advanced protection from threats to business-critical applications and services."
Pricing and Availability
Cisco IDS solutions: Cisco IDS Software Version 4.0 is available today across all network-based IDS solutions at no charge for customers with SMARTNet contracts. The Cisco Threat Response technology is available today across all network-based IDS solutions at no charge. New intrusion protection management capabilities are available today for download as an update to the CiscoWorks VPN/Security Management Solution (VMS). The Cisco IDS 4250-XL Sensor is scheduled to be available in March for $39,995 USD. The Catalyst 6500 IDSM-2 module is scheduled to be available in March for the Catalyst 6500 Series for $29,995 USD.
Cisco PIX Firewall solutions: The PIX Software Version 6.3 is scheduled to be available in March across the PIX Firewall appliance line at no charge for customers with SMARTNet contracts. The VAC+ card is scheduled to be available in March for select Cisco PIX 515E, 525, and 535 firewalls as a no-charge option. The Cisco PIX Device Manager Version 3.0 is scheduled to be available in March at no charge for customers with SMARTNet contracts.