Cisco Software Zeros In on DoS Attacks

An enhanced version of its IOS software offers management options in the heat of a denial-of-service attack. On the hardware side, Cisco rolled out a VPN concentrator and high-end router.

Cisco Systems Inc., facing strong competition in both its core router and switch business and its growing security business, greatly expanded its security portfolio with the introduction of several new security devices as well as a new firewall and some security upgrades for its IOS software.

The new additions to Cisco's product line come less than two months after one of the company's main competitors, Juniper Networks Inc., paid nearly $4 billion to acquire NetScreen Technologies Inc., a maker of integrated security appliances. The move was made in no small part to give Juniper the ammunition to take on Cisco on the security front.

Now, Cisco is unveiling its own response. The biggest change to Cisco's lineup is the addition of a number of security capabilities to its IOS software, which runs on most of its devices. The company has added a feature called the IP Source Tracker that can help administrators find the entry point through which a denial-of-service attack is coming into the network. The tracker works by instructing a router that is in the attack stream to find the next closest upstream router, which then does the same thing until the tracker finds the device at the edge of the network that is letting in the attack traffic.

Cisco also has added a feature to IOS, known as control plane policing, that, among other things, gives administrators a dedicated management channel into routers, even when the machines are being overwhelmed by DoS attack traffic. And IOS also now includes what Cisco is calling a "transparent firewall," a feature that is designed to simplify the creation of security zones on networks.

On the device side, Cisco, based in San Jose, Calif., is rolling out a new VPN concentrator, the 3020, as well as a new high-end router, the 7301. The VPN 3020 can support up to 750 IPSec tunnels and 200 SSL connections and goes for $9,995. Cisco officials said that the current trend in the industry of turning SSL VPNs into standalone products is not one they intend to follow.

"From our perspective, SSL is another remote-access technology," said Scott Pope, manager of security platforms at Cisco. "Customers shouldn't have to buy another box to get it."

The new router can handle 370 Mbps of traffic and comes with three gigabit Ethernet interfaces for a $21,000 list price. Cisco also is introducing a new version of its Security Device Manager, which includes a new start-up wizard.

All of the new IOS features and devices are available now.
