Cisco tightens security

Cisco is wheeling out a smorgasbord of security upgrades and advanced threat-protection technologies in an effort to help users integrate security management.

Cisco  is wheeling out a smorgasbord of security upgrades and advanced threat-protection technologies in an effort to help users integrate security management.

The company rolled out 14 security-related packages, including upgrades to its security management software to make it easier to manage security and to support networks consisting of tens of thousands of secure sites. Cisco is adding a feature it calls Cisco IOS AutoSecure, an option to lock down routers quickly via a typed command that disables nonessential functions of the operating system and enforces secure access to the router.

The company is introducing Security Device Manager, a management tool to configure individual firewalls and VPNs on the Cisco 830 and Cisco 3700 access routers. The software also can evaluate router configurations and recommend changes that will boost security.

Also on tap from Cisco:

• CiscoWorks Security Information Management Solution, which has been upgraded to make it easier to analyze logs of network security events to rank the severity of threats so users can improve management of security gear.

• Cisco IP Solution Center Security Technology Module, which has been upgraded to handle management of tens of thousands of VPN endpoints and firewalls. The software centralizes security policies for firewalls and VPNs, and supports deploying and managing them.

• CiscoWorks VPN/Security Management Solutions, which has been upgraded to run on Cisco Catalyst 6500 firewall and VPN hardware modules. It can monitor Cisco IDS intrusion-detection software Version 4.0 along with new Cisco Security Agent software that was acquired when Cisco bought Okena in January.

• New cards for Cisco 2600 and 7200 routers and Cisco VPN 3000 concentrators, which accelerate VPN encryption for Triple-DES and Advanced Encryption Standard encryption.

• A new version of Cisco’s VPN client software for PCs, which supports multimedia applications and peer-to-peer applications through firewalls.

• A new router card called Access Router IDS Network Module, which handles intrusion detection at 45M bit/sec; and a free-standing IDS appliance called Cisco IDS 4215 Sensor, which handles intrusion detection at 80M bit/sec and supports up to five subnets. Both products support Cisco IDS 4.1 that screens on peer-to-peer applications that might be banned by corporate policy and checks whether operating systems have been patched against known attacks to reduce the number of false alarms it issues.

CiscoWorks Security Information Management Solution software starts at $40,000. Cisco IP Solution Center Security Technology Module starts at $6,000.

CiscoWorks VPN/Security Management Solutions starts at $8,000. The new VPN acceleration cards range from $1,750 to $35,000. Cisco Security agent starts at $1,950. The Access Router IDS Module, available in July, costs $5,000 and the IDS Sensor, available in June, costs $7,300. The rest of the new gear is available now.