Ciscos Catalyst Switches Boast Performance, Security Advances
Cisco continued its march to advance its Intelligent Information Network vision for embedding advanced services into the network with a range of new software and hardware enhancements for the Catalyst line of modular and stackable switches.Like Prussian soldiers, Cisco Systems Inc. continued its march to advance its Intelligent Information Network vision for embedding advanced services into the network with a range of new software and hardware enhancements for the Catalyst line of modular and stackable switches. The enhancements, launched Thursday at the CeBIT exhibition in Hannover, Germany, span the Catalyst 6500, Catalyst 4500 and Catalyst 3750 network switches, bringing new security, manageability and performance to the network core, data center and wiring closets. New software-based security enhancements, applicable across all Catalyst switches, layer on such new features as the ability to lock down ports to prevent MAC address flooding attacks; prevent attacks coming from false DHCP servers; and restrict network access through port-level Access Control Lists. Cisco also extended the authentication capabilities in standard IEEE 802.1x to be able to assign authenticated traffic to a specific virtual LAN or add QOS (quality of service) features as well as prevent denial-of-service attacks by dynamically inspecting Address Resolution Protocol traffic and binding appropriate MAC and IP addresses to specific ports.
"Were looking at how to make the physical network provide a layer of defense. With [distributed denial-of-service attacks], spoofing and other attacks bogging the network down, you need pervasive security within the switch to mitigate such attacks," said Steven Shalita, senior manager for worldwide product marketing at Cisco in Hannover.