Cisco adds new features to help enterprises protect users from targeted attacks such as spear phishing emails crafted to trick users into clicking on a link.
updated its IronPort security family with two new features designed to combat
sophisticated email and Web threats, such as spear phishing.
unveiled the IronPort Outbreak Filters and Business Class E-Mail on July 13 at
Cisco Live in Las Vegas. The new features highlight what Cisco claims are new
trends in cyber-crime.
spam is still a problem, it is not growing at the same exponential rate, and in
some cases may be declining, Cisco said in a recent study. Since targeted
attacks are on the rise, Cisco created new security services to focus on the
new email and Web threats.
is using network intelligence to improve email and Web security.
Outbreak Filters are designed to fight off targeted attacks because, as a
recent Cisco study found, targeted attacks are highly lucrative and thus are
popular attack vectors. The filters run on a custom-built engine based on
IronPort and ScanSafe technologies and identify messages that may be part of a
a user opens an email message that fits the filter parameters, the IronPort
system rewrites the malicious URLs embedded in those messages to go through
Cisco's ScanSafe Cloud Web Security system. If the user still goes ahead and
clicks on the rewritten link, the Web content is passed through additional
Cisco filters in the cloud security service, which scans and identifies any
potential malware that may be on the site and blocks them from downloading when
the link is what allows us to scan the payload that would come from that site,"
said Nick Edwards, director of Cisco's Security Technology Business Unit. A
"deep scrub" helps determine the context of the link, he said.
phishing attacks use publicly available information online, including social
networking sites, to go after specific individuals the attackers have profiled
as likely to fall for the malicious email, Edwards said. The IronPort Outbreak
Filters offer enterprises a strong layer of protection for these kinds of
"low-volume attacks" where only a handful of people within the
enterprise are targeted, Edwards said.
of the recent high-profile attacks, including RSA
Ridge National Laboratory
Northwest National Laboratory
, originated as spear phishing attacks sent to
other feature, Business Class E-Mail, takes on the new era of threats such as
spear phishing by bundling together various authentication and filtering
technologies that can also handle user authentication. Business Class E-Mail
focuses on four main features, including automatic user identification,
embedded email controls, strong security and universal device support.
goal is to extend security to personal devices that employees use to access
corporate data in the workplace, such as smartphones and tablets, Cisco said.
It is platform-independent because it depends on plug-ins to hook into
appropriate operating systems. While Cisco plans to support smartphones,
initial support will be limited to iOS devices, with Android support coming
company incorporated its existing authentication services in single sign-on,
including Cisco Registered Envelope Service, Cisco IronPort WSA and WebEx into
Business Class E-Mail, and the existing email encryption product. New controls,
such as message recall, message expiration and read receipts, have also been
Class E-Mail is a "new approach" to email security as it combines the
network and the cloud, Edwards said.
officials also unveiled additions to the company's UCS (Unified Computing
System) infrastructure offering, Nexus switches and WAAS (Wide Area Application
Service) at Cisco