Cisco raises its security profile

Cisco last week announced enhancements to a number of its software products and hardware designed to make corporate networks more resilient to attacks.

Cisco last week announced enhancements to a number of its software products and hardware designed to make corporate networks more resilient to attacks.

The company unveiled new VPN hardware and new features for the Internetwork Operating System (IOS) and Security Device Manager software to support firewalls and spot the source of denial-of-service (DoS) attacks. The new products and features are part of Cisco’s Self-Defending Network strategy to create autonomic responses to network security threats, the company says.

On the hardware side, Cisco extended VPN support to the 7301 Router, letting that device support 370M bit/sec VPN throughput in addition to a firewall, routing and quality-of-service management features, the company says.

Cisco also added a new device to its 3000 line of VPN concentrators: the VPN 3020 Concentrator. That device has integrated IPSec and Secure Sockets Layer remote-access features and can support up to 750 concurrent VPN users with IPSec and up to 200 users in SSL mode, Cisco said.

On the software front, Cisco unveiled a number of new security features that come with IOS Software Release 12.3T.

The IP Source Tracker is an IOS-based security tool that lets customers access Cisco routers using a special “management channel” even when they are the target of a DoS attack. New command-line interface features in IOS give administrators more control over security operations by restricting access to features based on administrative roles, Cisco says.

The company also announced better firewall support from IOS that will let IT administrators divide their network into trust zones based on IP addresses. Also, a new software product, the Cisco IOS Firewall for IPv6, supports inspection of IPv4 and IPv6 traffic and protocol anomaly inspection, Cisco says.

Among other things, IPv6 lengthens IP addresses from 32 to 128 bits, which will accommodate a new generation of networked devices.

A new version of the Cisco Security Device Manager features start-up wizards that make it easier to deploy security products, update Cisco router configurations and lock down network security. Security Device Manager Version 1.1 also extends support to the Cisco 7200 series router, the company says.

Cisco faces tougher competition on the security front after the February announcement that chief competitor Juniper is buying firewall giant NetScreen Technologies.

The company has been working in recent months to raise its security profile.

In November, Cisco and leading anti-virus companies announced the Cisco Network Admission Control program, which lets Cisco routers evaluate information, such as whether a particular computer’s anti-virus definitions are up to date and its operating system is adequately patched, before letting it connect to a network. The company also is collaborating with IBM to let IBM’s products communicate more directly with Cisco’s network security technology.

Roberts is a correspondent with the IDG News Service’s Boston bureau.