CyberSecurity Institute

CEO John Chambers laid out the company’s seven-year network security plan on Wednesday during a keynote speech at RSA Conference 2005 here.

His comments built on Cisco’s Tuesday launch of its Adaptive Threat Defense effort, in which “intelligent” networks defend themselves against security attacks. “We will be acquiring aggressively, partnering aggressively and spending aggressively to build about two-thirds of our (security portfolio),” Chambers said.

A key part of Cisco’s security strategy has been to acquire start-ups for their technology and expertise, and many of its latest security updates have come from these buys. The company’s new Secure Sockets Layer (SSL) virtual private network (VPN) product uses technology picked up in its Twingo deal, for example. It’s also put a tool from Riverhead Networks into its Catalyst switches to help prevent denial-of-service attacks.

For more than a year, Cisco has touted its “self-defending” network initiative, which puts intelligence into devices so they can communicate with each other. That means security can be coordinated across the entire network, from the worker at a desk to the guts of the system.

In its related release of upgrades and new products at the RSA show, Cisco introduced intrusion-prevention software, a revamp of its PIX firewall and the overhauled SSL VPN product, which enables employees to remotely connect to the corporate network using a standard Web browser.

Chambers said that Cisco’s move to extend control over security defenses across the whole network came out of discussions with customers between 1999 and 2001. Clients wanted the ability to track network traffic, end points, applications and users, he said. Chambers warned that companies that build their security architecture based on the worms and malicious software of today will find a whole different set of terms and threats five years from now. As a result, he said, companies should instead be focusing on how to get their security architecture “right” and how the components all work together. “You have to think about where the industry will be in three, five and seven years out,” Chambers said. “And you have to think about security as an architecture…you can’t approach it as a pinpoint of products. We believe that security will evolve and be integrated throughout the network,” he added. “We believe they will tie together and move from a reactive mode to one where we can see an intrusion, know how to contain it and have a whole bunch of different products working together.”

Cisco has already partnered with several antivirus and security companies. In late 2003, it teamed up with three companies in an initiative, named Network Admission Control, that aimed to improve the security of networks accessed via mobile devices.

When all the pieces are in place, the NAC architecture will allow companies to set their network devices to refuse connections from mobile PCs or devices that fail to meet corporate security policies, such as not having the latest software patches and antivirus updates. Currently, Cisco supports the NAC framework on its IP routers, and it plans to introduce support on its Ethernet switches some time this year.

http://news.com.com/Cisco+set+on+security+spending+spree/2100-7347_3-5579566.html?part=rss&tag=5575731&subj=news.7347.5

Sixty-five percent of businesses–big and small–surveyed by Forrester Research said they plan to put money into protecting their systems from malicious and prying software programs in 2005. Technology decision makers from 185 North American companies of all sizes participated in the survey.

While 69 percent of large enterprises said they would purchase anti-spyware tools this year, only 53 percent of small and medium businesses said they’d go for such protection, it found.

The study exposed several cracks in firms’ anti-spyware strategy.

Almost 40 percent of respondents failed to put a number to the total number of their machines that have been infected. According to the rest, about 17 percent of their systems had already suffered from spyware, a number Forrester expects to climb to 25 percent within 12 months.

The survey also showed that although 80 percent of the companies already have anti-spyware tools, they were “introduced in an ad-hoc manner over the past two years to fix infected PCs,” Forrester said. Only a very few firms had any idea how many support calls are related to the spyware invasion. The 44 percent of respondents able to guess estimated it to be 7 percent. PC maker Dell, on the other hand, blamed 20 percent of support calls from its customers on spyware.

The most popular anti-spyware software tools in market are McAfee and LavaSoft’s Ad-Aware, with 42 percent and 36 percent respondents using them respectively.

Forrester says the market is yet ready for consolidation, even though giants such as Microsoft and Computer Associates have gone for early acquisitions. In addition to buying out Giant Company Software, Microsoft recently released a beta version of its anti-spyware software.

Security holds its spot among the top IT initiatives at number three, increasingly paying more attention to spyware.

http://news.zdnet.com/2100-1009_22-5572950.html?part=rss&tag=feed&subj=zdnet

At the RSA Conference in San Francisco, the company plans to announce the largest set of upgrades to its security products in three years, sources say.

The new enhancements should help the company catch up to leading vendors, focusing on such areas as secure socket layer virtual private networks and intrusion prevention. The upgrades should also help Cisco fulfill its promise of a “self-defending” network, beefing up security on IP telephony and other applications, while also extending network protection to the desktop.

And to help corporate customers keep track of new threats, sources say, Cisco is also improving its management products.

Cisco declined to comment on the specifics of its announcements next week, but has scheduled a press briefing at the security show.

Security is an important market for Cisco. It is one of six new areas Cisco has been focusing on to help expand its overall business. So far, security has been proven to be a good investment for the company. Last quarter, revenues from security products were up 30 percent from a year earlier. Cisco’s strength in security has come not from having the best products in every category, but from having a wide breadth of offerings, analysts say. Next week’s announcements should help level the playing field against the pure security vendors while cementing Cisco’s dominance as a network-level security provider, they add.

“Cisco isn’t known as a security company,” said Zeus Kerravala, an analyst with the Yankee Group. “They sell security as part of a network strategy. But it’s clear they are serious about providing more security in the network. They are definitely the security leader among networking vendors.”

Nitty gritty One of the more important upgrades to be announced next week is on Cisco’s SSL VPN product, sources say. SSL VPNs allow users to remotely connect to the corporate network using a standard Web browser. Such upgrades are an important addition to the product, since they will allow remote workers to use their Web browsers to connect to the corporate network rather than a difficult-to-manage IPsec client that must be pre-installed. SSL VPN competitors, such as Juniper Networks, through its Netscreen acquisition, and Aventail have been supporting non-Web applications in their products for some time.

Cisco has also beefed up its intrusion detection product by adding prevention software that can correlate possible symptoms of a worm or virus attack to determine whether certain traffic should be blocked. To give customers more choice with respect to how they deploy this technology, Cisco is updating its Internetwork Operating Software (IOS) so that many of these new security features can also run on its switches and routers, sources report. This software is a big component of Cisco’s Network Admission Control architecture, designed to prevent worms and viruses from entering the network. Cisco has supposedly enhanced this software by adding new anti-spyware protection meant to identify and remove malicious programs before they jump from a PC to the network.

Cisco also plans to introduce a new blade that fits into its Catalyst switches to help prevent denial-of-service attacks on Web servers.

Finally, Cisco will announce improvements to its network management tools using some technology that it recently acquired from Protego. This technology, acquired in December, aggregates and correlates information about security threats, so that network managers can detect attacks.

http://news.zdnet.com/2100-1009_22-5573255.html?part=rss&tag=feed&subj=zdnet