Networking equipment maker Cisco Systems has announced
licensing agreements with three leading antivirus software
companies and a program claimed to protect computer networks from
worms and viruses.
The Cisco Network Admission Control program will enable Cisco
routers to evaluate information, such as whether a particular
computer's antivirus definitions are up to date and its operating
system is adequately patched, before allowing it to connect to a
network.
The program was developed jointly by Cisco and antivirus
companies Network Associates, Symantec and Trend Micro, and will
address the security risks posed by remote and mobile computer
users who are connecting to corporate networks using home broadband
connections or even PDAs.
Many organisations recently stopped worms such as Blaster and
Nachi at their network perimeter using firewall and IDS (intrusion
detection system) software. However, some of those companies
suffered anyway when mobile workers and telecommuters became
infected through unprotected home internet connections, then
brought their infected machines to work or logged in to corporate
networks using a dial-up or VPN (virtual private network)
connection.
Cisco Network Admission Control will prevent such infections by
allowing Cisco routers to enforce access privileges when a remote
computer attempts to connect to a network. Noncompliant devices can
be denied access, quarantined or allowed only limited access to
network computing resources.
At the heart of the new system is a new software client called
the Cisco Trust Agent, which is installed on laptops, home desktops
or servers, or mobile devices that will be connecting to a
computing network. The Trust Agent collects information from other
security software clients including antivirus clients, and relays
that information to Cisco devices on the network.
NAI, Symantec and Trend Micro have licensed the Trust Agent
software from Cisco and will integrate it with their own software
clients. In related news, NAI said that it will integrate the Trust
Agent with McAfee Security technology, as part of the McAfee
Trusted Connection Strategy program.
Cisco is also integrating the Trust Agent with the Cisco
Security Agent, a software client for servers and desktop systems
which provides integrated firewall, intrusion detection and
content-based security. That integration will enable Cisco networks
to enforce access policies based on whether or not a machine's
operating system is adequately patched, Cisco said.
The new program marks a shift in tactics for addressing the
threats posed by worms and viruses, according to Chris
Christiansen, an analyst at IDC.
Previously, many security companies treated user desktop and
laptop computers mainly as the target of malicious code. The Cisco
Network Admission Control program, incorporating the lessons of
Blaster and other recent attacks, treats them as transmission
points for attacks on the network infrastructure.
"There's a recognition that the network is the true destination
of the attack and that routers and switches need to have the
ability to protect the network," Christiansen said.
While the new program initially involves only major antivirus
and security companies, Cisco will release an API (application
program interface) that allows other companies to integrate the new
Cisco technology with their products, Christiansen said.
Paul Roberts writes for IDG News Service