Cisco Updates Security Management Tools

By Alex Handy

April 10, 2008 —  Great security features are only as good as the person implementing them. Or, at least, only as good as the tools used to implement them. Cisco Systems, on April 8 at the RSA Conference, revealed a host of updates and features that it has integrated across its product lines. The new features move further up the network stack, and offer an easier centralized management framework.

Fred Kost, director of solutions marketing for security at Cisco, said that Cisco’s movement up the stack is a natural progression and all part of the company’s vision for dynamically self-tuning networks.

At the heart of these updates were version 6.0 of Cisco Security Monitor and Response System (MARS) 6.0, and Cisco Security Manager (CSM) 3.2 These two new security management products are growing closer together, and these updated versions include more hooks to allow them to work together to create and deploy security policies with CSM, and then monitor their effects through MARS.

IOS Gets SIP’d
With Cisco’s heavy movements into the voice over IP space, it is no surprise that the company updated IOS on April 8 to be more SIP aware. Additionally, the operating system that runs Cisco hardware is also able to more granularly control content filtering. These two features are available as a point release update for all IOS systems.

Cisco also released a new firewall blade for its switches and routers, which can run IPS type functionality at 605MB per second. The new blade can identify trusted traffic once it’s begun to flow, can get out of the way and, as Kost puts it “let it rip.”

For Cisco’s regular IPS boxes, the company has addressed a key concern of its customers with the release of a new slimmed-down management console. While Cisco customers with more than 5 IPS boxes in their networks will continue to use MARS and CSM to maintain those systems, smaller installations can now be managed through a smaller, easier-to-understand dashboard-style management console, aimed at less experienced sysadmins.

Cisco’s journey up the stack, however, is solidified in the new version of the Endpoint Cisco Security Agent 6.0. This client-side IPS system can block malware and bad packets on end-user systems. But with this release, Cisco is targeting data loss prevention by integrating document identification and monitoring capabilities. Documents that CSA understands to be secure can be watched and kept safe from possible loss at the hands of users unaware.

CSA also now includes anti-virus protections for end users. Kost stated that Cisco has no intention of getting into the desktop anti-virus market, but that this feature makes life easier for IT staff, since they no longer have to install CSA and a third-party anti-virus software.



Related Search Term(s): Cisco, security, servers & blades

Share this link: http://www.sysmannews.com/link/31998