WAN Support and Integration">
Cisco licenses CSA as a console station that runs on a server; CSA software agents are deployed on neighboring servers and desktops. A CSA starter kit includes the console, one server and 10 desktops for $3,000. Additional server agents cost $1,775, and a 25-desktop pack lists for $1,625.
Instead of scrambling to apply emergency patches from software vendors, Shorewood should be able to update its systems on a more predictable timeline with CSA.
"Shorewood will be protected from new, unknown attacks without making any ongoing changes to individual machines," said Jennifer Roback, vice president of sales at Praxis, in Los Angeles. "Because of this, we expect Shorewood to see a very quick return on investment from the CSA deployment, as well as a greatly increased level of network security."
Assuming the pilot test goes well, Shorewood expects to roll out CSA across its seven offices over a 30-day period this spring. "The bulk of the work is in the initial pilot, where well customize CSA for Shorewoods environment," said Roback.
CSA has default settings for desktops, Web servers, e-mail servers and more. During the pilot test, the CSAs wont interrupt or block Shorewood user activities at any time. Instead, the agents log all network activities they recommend denying. After a few days of logging, Praxis will use the information to develop rules for permitted and denied network activities. Once the customized CSA rules are outlined, Shorewood can deploy the software agents rapidly over the network using a single executable.
Equally important, ongoing CSA updates from the server to the client agents are automated. "Any future updates to the rules are made at the console application," said Roback. "They are propagated automatically to the client agents, which periodically poll the server for changes."
Shorewoods vital stats
Customer Shorewood Realtors
Organization snapshot One of Los Angeles leading residential real estate
firms; the companys 357 agents generate $1.88 billion in annual sales
Business need An enhanced security solution that protects Shorewoods seven-office
network from rogue software and potential attacker
Technology partner Praxis Computing, a Los Angeles-based solution provider
and longtime Cisco reseller
Recommended solution CSAs to be deployed on Shorewood servers and desktops
Project timeline Pilot test this month with complete deployment shortly thereafter
Project cost Undisclosed, although a CSA starter kit includes the console,
one server and 10 desktops for $3,000
This isnt the first time Shorewood has turned to Praxis for integration services. Their relationship began more than 10 years ago, when Shorewood sought a solutions provider to develop a commission database for its sales agents.
"Based upon our success with that project, I recommended that the rest of Shorewoods management team engage Praxis to provide strategic direction for the firms technology infrastructure," said Edwards.
The move paid off. Praxis has since designed a WAN that blankets Shorewoods central office and six field offices throughout Los Angeles South Bay. Each field office has a Cisco 2950 Series switch and a 1700 Series router. Frame relay connects branch routers to the central office, which houses a Cisco 2600 router and a Cisco Catalyst 4503 switch.
The corporate office maintains several servers that manage Web, database, e-mail and file services for all the offices. A Cisco PIX 520 firewall and Cisco 4210 IDS (intrusion detection system) protects the entire network from probing eyes and would-be attackers. Naturally, the IDS will work side by side with the CSAs.
For mobile sales agents, each Shorewood office has kiosk stations with secure access to Shorewoods network services as well as the Internet. Group policies lock down the Windows XP-based kiosks, permitting only Shorewood-approved applications to run.
Agents can also access Shorewoods network from afar. Using an assigned password and user name, agents working remotely can access a secure intranet that includes marketing materials, real estate statistics and Shorewoods full property listings database. Remote intranet connections are secured using 128-bit Secure Sockets Layer.
Moreover, Shorewoods corporate officers can remotely access additional areas of the corporate network using Ciscos VPN client software and Cisco 831 routers, which connect to the PIX firewall.
Joseph C. Panettieri (firstname.lastname@example.org) is editorial director at New York Institute of Technology (www.nyit.edu). He has covered Silicon Valley since 1992.
Check out eWEEK.coms Security Center at http://security.eweek.com
for security news, views and analysis. Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: