From Cisco, self-defense weapons for networks

On Monday, the company plans to announce new capabilities in its routers to help protect corporate networks from viruses and worms, two sources close to the company confirmed on Friday.

The release is the first phase Network Admission Control (NAC), a collaboration program between Cisco and antivirus companies. Through this program, Cisco has developed technology with three antivirus specialists--Network Associates, Symantec and Trend Micro--that will let Cisco's networking products communicate with antivirus products.

Devices running NAC technology will allow network access only to compliant and trusted endpoint devices, like PCs and PDAs (personal digital assistants). NAC can also restrict access of noncompliant equipment. This decision can be based on information about the endpoint device, such as its current antivirus state and operating-system patch level.

		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

Cisco will initially embed the technology in its software routers, which are generally used to connect corporate networks to the Internet.

In the second phase of the program, the company plans to extend this offering to its Catalyst 2900 to Catalyst 6500 switches. These switches are often used to connect users within the same building. The technology will also enable the capability on the VPN 3000 remote access product, which provides remote connectivity to the corporate network.

Extending security to these network elements helps Cisco fulfill its vision of protecting the entire network. Eventually, all Cisco routers and switches will be checking end devices connected to them for worms and viruses. And a remote user will not be able to connect to the corporate network unless his or her device is free of viruses and worms.

For Cisco to achieve its networking vision, it has to expand this security technology throughout its product line, Yankee Group analyst Zeus Kerravala said.

"In order for the self-defending network concept to work, Cisco needs to have this technology on devices throughout the network," Kerravala said.

Cisco plans to open the collaboration program to other antivirus vendors. The company is also trying to integrate more security technology into its products. Earlier this month, it extended its relationship with Trend Micro. Initially, Cisco plans to combine Trend Micro's network worm and virus signatures with the its Intrusion Detection System (IDS) software implemented in its routers, switches and network security appliances.

The NAC program and Cisco's relationship with Trend Micro fall in line with Cisco's strategy on security, which is to embed as much security technology as it can throughout the network, so that the network itself can detect and defend against malicious attacks.

Cisco is not the only networking company to take this strategy. Enterasys Networks also includes similar security features on its products. Like Cisco, Enterasys has embedded intrusion detection and prevention and antivirus functionality into its networking gear. But Kerravala said that even though Enterasys might be ahead of Cisco in terms of the features it offers on individual switches and routers, it will likely continue to struggle to gain market share against Cisco.

"This message of network-based security is harder for Enterasys to sell because most customers don't have an entirely Enterasys network," he said. "Cisco has gear in almost every network, which makes this strategy easier to implement."