“Everything that plugs into the network should have some level of security,” said Alex Thurber, director of security for worldwide channels at Cisco Systems Corp. To that end, Cisco Systems Corp. today unveiled its Security Management Suite as part of its ongoing “network is the platform” strategy.
The company, based in Santa Clara, Calif., wants to plug all security holes in networks, whether they are built entirely with Cisco equipment or with equipment from competing vendors.
The Cisco Security Management Suite will be part of its self-defending network lineup. The suite includes a new Cisco Security Manager (CSM) as well as version 4.2 of the Cisco Security Monitoring, Analysis and Response System (Cisco Security MARS).
“We believe to properly secure businesses you must do it at the network layer,” Thurber said.
“To do that, security has to be integrated and built into the network and be able to collaborate and share information about things that happen so fast. Ultimately, it needs to be adaptive to respond to unknown threats,” he said.
He added that CSM needed to be improved, especially on the management side. Thurber said that since customers come in different shapes and sizes, there is a need for a security manager that is comprehensive and easier to use.
The MARS product line comes from Cisco’s 2005 acquisition of Protego, which produced a monitoring and mitigation product. MARS is able to scope out firewall, VPN, intrusion prevention and other security devices along with routers and switches from Cisco and non-Cisco equipment.
“We believe that when something is attacking, it impacts the entire network, not just security devices. If you detect a security problem at the router or switch, which is at the perimeter of the network, the MARS box reports the problem and you have a jump on stopping it before it reaches the entire organization,” Thurber said.
MARS can also enable an IT manager to look at all network devices from a policy view and a topology view.
Stefan Dubowski, industry analyst for Decima Reports of Ottawa, believes the enhancements illustrate the drive towards built-in security, something many of the communication equipment makers are interested in.
“It makes sense. As networks become more distributed, deep security becomes all the more important. It’s harder to control individual network elements when they’re so far flung, and digital threats show little signs of slowing. The over-arching management that the CSM is supposed to provide might be just the thing to bring network security in line with this trend,” Dubowski said.
He added that these new offerings illustrate Cisco’s commitment to this self-defending network strategy, while tying in another Cisco endeavour — the intelligent information network.
“It’s as though Cisco wants the network to provide something more than simple data carriage. It wants the network to reach up and aid applications, provide protection. It wants the network to become something more sophisticated, a strategic investment for the enterprise rather than a boring old necessity. The self-defending network is an important aspect of this transformation,” he said.
Cisco also updated its SSL-VPN offering with its ASA 5500 Series.
The series offers unified VPN services such as remote access, extranet and site-to-site VPN along with integrated threat mitigation.
According to Thurber, this box can replace four or five devices. “It’s at least a four-to-one cost savings and it’s not just all upfront costs, but management costs as well,” he said.
ASA 5500 can cluster up to eight boxes, which gives the customer the ability to support 40,000 simultaneous SSL connections.
“For a partner, you do not have to learn any new technology and you have a box that can scale from 250 users or connections up to 40,000 based on the same technology,” he said.