Cisco tightens security in hardware, software

Cisco is wheeling out a smorgasbord of hardware and software security upgrades to boost performance of VPNs and add more security features such as intrusion detection.

In addition, the company is introducing upgrades to its security management software to make it easier to manage security and to support networks consisting of tens of thousands of secure sites.

Cisco is adding a feature it calls Cisco IOS AutoSecure, an option to lock down routers quickly via a typed command that disables nonessential functions of the operating system and enforces secure access to the router.

Cisco is introducing Security Device Manager, a management tool to configure individual firewalls and VPNs on the Cisco 830 and Cisco 3700 access routers. The software can also evaluate router configurations and recommend changes that will boost security.

CiscoWorks Security Information Management Solution software has been upgraded to make it easier to analyze logs of network security events to rank the severity of threats with the intent of better managing security gear.

An upgrade of Cisco IP Solution Center Security Technology Module is designed to handle management of tens of thousands of VPN endpoints and firewalls. The software centralizes security policies for firewalls and VPNs, and supports deploying and managing them.

A new version of CiscoWorks VPN/Security Management Solutions expands its support to Cisco Catalyst 6500 firewall and VPN hardware modules. It can also monitor Cisco IDS intrusion-detection software version 4.0 as well as new Cisco Security Agent software that was acquired when Cisco bought Okena in January.

Cisco is announcing new cards for Cisco 2600 and 7200 routers and Cisco VPN 3000 concentrators that accelerate VPN encryption for both DES3 and advanced encryption standard (AES) encryption.

Cisco is issuing a new version of its VPN client software for PCs that supports multimedia applications and peer-to-peer applications through firewalls.

A new router card called Access Router IDS Network Module handles intrusion detection at 45M bit/sec. It also is introducing a freestanding IDS appliance called Cisco IDS 4215 Sensor that handles intrusion detection at 80M bit/sec and supports up to five subnets. They both support Cisco IDS 4.1 that screens on peer-to-peer applications that may be banned by corporate policy and checks whether operating systems have been patched against known attacks to reduce the number of false alarms it issues.

 CiscoWorks Security Information Management Solution software is available now and starts at $40,000. Cisco IP Solution Center Security Technology Module starts at $6,000.

CiscoWorks VPN/Security Management Solutions starts at $8,000. The new VPN acceleration cards range from $1,750 to $35,000. Cisco Security agent starts at $1,950. The Access Router IDS Module, available in July, costs $5,000 and the IDS Sensor, available in June, costs $7,300. The rest of the new gear is available now.