Cisco Underscores Security at RSA

Leaving little doubt about its commitment to the security market, Cisco Systems Inc. unveiled a host of new and updated solutions.

Leaving little doubt about its commitment to the security market, Cisco Systems Inc. unveiled a host of new and updated solutions under the banner of Adaptive Threat Defense at the RSA Conference here Tuesday.

The offerings are part of the companys Self Defending Network strategy and include new security modules for Catalyst switches and application security functionality for the Pix firewall line, the IPS 5.0 release and the VPN 3000 Concentrator.

Cisco is also introducing its Secure Desktop, comprising a wide range of security tools that can secure remote PCs on which users are running the companys SSL (Secure Sockets Layer) VPN client.

Before a user connects to a corporate network through the new WebVPN capability in the VPN 3000 Concentrator Version 4.7 software, Secure Desktop inspects the remote PC to determine whether it is managed or unmanaged. The software can check for anti-virus software, a personal firewall and even hidden malware. During the VPN session, the software protects data the user accesses in an encrypted sandbox, preventing other applications or malware on the machine from accessing the information.

And after the remote session ends, Secure Desktop can overwrite the encrypted partition, destroying all data the user may have saved on the local machine. The system can overwrite the browser cache, history and cookies, and any mail attachments and files that have downloaded.

"This is a major advance for the security of the remote users," said Jayshree Ullal, senior vice president of the Security and Technology Group at Cisco, based in Mountain View, Calif.

On the intrusion prevention system front, Cisco is rolling out two appliances, the 4240, which runs at 250M bps, and 4255, which runs at 600M bps. Both boxes have a diskless architecture. The new IPS 5.0 software they and other Cisco IPS appliances run can prevent application abuse by controlling the usage of instant messaging and other peer-to-peer software. The 5.0 release can perform comprehensive inspection of all traffic over port 80.

Cisco has added the port 80 control to the Pix 7.0 release, along with the ability to filter MIME (Multipurpose Internet Mail Extension) types and validate the content of messages to prevent virus and worm infections via e-mail.

The IOS (Internetwork Operating System) router is getting new security capabilities in Version 12.3. The release includes HTTP and e-mail inspection engines that can prevent the misuse of the various protocols.

In addition, the company announced a new version of its Cisco Security Agent, along with Cisco Security Auditor. All the products will be available this quarter, except for the auditor, which will come out in April.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.