Skip Links

Cisco takes first step in delivering on SecureX vision

ASA CX Context-Aware Security firewall tackles mobile-devices and BYOD

By , Network World
February 28, 2012 01:05 PM ET

Network World - A year Cisco put forward its vision called SecureX about how it would devise ways that its network products, first its firewalls, would be able to capture information related to user devices, especially tablets and smartphones, to exert context-based security control. Today, Cisco took the first step to deliver on that vision while acknowledging more needs to be done.

Tablets, smartphones force Cisco to re-think how security works

What's hot at RSA 2012

At the start of the RSA Conference 2012, Cisco unveiled ASA CX Context-Aware Security, a next-generation firewall which lets administrators set security controls over user devices and network resources related to more than 1,000 applications (Facebook being but one) and many tens of thousands of granular elements within those applications, whether it be video, games, or shopping to provide visibility into application use and highly customizable access control. Cisco also reiterated its strategy is also to build this type of functionality not just into its firewalls but into its Catalyst switches and wireless switches.

"The wireless switches from Cisco will be able to say, 'that's an iPad, that's a phone," said Russell Rice, Cisco director of product marketing during a media and analyst event.

The idea behind amassing a substantial amount of technical detail about smartphones and tablets and their application usage is to give IT managers a way to decide whether specific devices should be granted network access — for instance, some companies may permit 'Bring Your Own Device' for use at work, and some may not. Components called the Identity Services Engine and TrustSec together are used for policy enforcement at the firewall point, blocking or allowing user devices to do specific things.

Rajneesh Chopra, director of product management, provided a demo of ASA CX firewall, saying it will tell you the "who, what, when, where and how" about devices. He said it will tell you about applications, such as whether anyone is uploading videos to Facebook. And it will supply fine-grained URL filtering.

A demo of ASA CX showed how it was tracking user activity related to Web categories, destinations, applications and whether off-limits activities were attempted. Setting policy would be as simple as writing a business policy, such as "Block interns from games," Chopra noted.

The SecureX framework is also supposed to be able to aggregate threat information from Cisco AnyConnect Secure Mobility and real-time threat data from the global Cisco Security Intelligence Operation to provide security alerts.

Cisco's big comeback

As part of its ASA CX-unveiling event, Cisco invited a handful of corporate customers to face an audience of analysts and media to provide their take on corporate security, especially the "Bring Your Own Device" issue.

One Cisco customer, Nick Young, network support manager for Four Seasons Healthcare in the United Kingdom, said in his situation, "the business is telling me, 'now I'm going to bring my iPad in, I'm the manager.' We have to allow people to put things on, and that's where Cisco comes in." He said products like ASA CX should be a help in providing visibility into these BYOD devices and exerting fine-grained controls.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News